Details of VAR-201906-0408

ID

VAR-201906-0408

CVE

CVE-2019-6964

TITLE

RDK RDKB CcspPandM Module out-of-bounds reading vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-005799

DESCRIPTION

A heap-based buffer over-read in Service_SetParamStringValue in cosa_x_cisco_com_ddns_dml.c of the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve information disclosure and code execution by crafting an AJAX call responsible for DDNS configuration with an exactly 64-byte username, password, or domain, for which the buffer size is insufficient for the final '\0' character. This is related to the CcspCommonLibrary and WebUI modules. RDK RDKB CcspPandM The module contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. RDK is a set of modular, portable, and customizable open source IoT software solutions for the RDK Management community. CcspPandM is one of the modules used to implement the core configuration and management functions of the device. A buffer error vulnerability exists in the 'Service_SetParamStringValue' function of the cosa_x_cisco_com_ddns_dml.c file of the CcspPandM module in the RDK RDKB-20181217-1 version. The vulnerability originates from a network system or product that incorrectly validates data boundaries when performing operations on memory, causing incorrect read and write operations to be performed on other associated memory locations. An attacker could use this vulnerability to cause a buffer overflow or heap overflow

Trust: 2.7

sources: NVD: CVE-2019-6964 // JVNDB: JVNDB-2019-005799 // CNVD: CNVD-2019-19288 // CNNVD: CNNVD-201906-821

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2019-19288

AFFECTED PRODUCTS

vendor:	rdkcentral	model:	rdkb ccsppandm	scope:	eq	version:	rdkb-20181217-1	Trust: 1.0
vendor:	rdk management	model:	rdkb ccsppandm	scope:	eq	version:	rdkb-20181217-1	Trust: 0.8
vendor:	rdk	model:	rdkb-20181217-1	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2019-19288 // JVNDB: JVNDB-2019-005799 // NVD: CVE-2019-6964

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-6964
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-6964
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2019-19288
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201906-821
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2019-6964
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2019-19288
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2019-6964
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2019-19288 // JVNDB: JVNDB-2019-005799 // CNNVD: CNNVD-201906-821 // NVD: CVE-2019-6964

PROBLEMTYPE DATA

problemtype:

CWE-125

Trust: 1.8

sources: JVNDB: JVNDB-2019-005799 // NVD: CVE-2019-6964

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201906-821

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-005799

PATCH

title:	rdkcmf/rdkb-CcspPandM	url:	https://github.com/rdkcmf/rdkb-CcspPandM	Trust: 0.8
title:	Patch for RDK CcspPandM Module Buffer Overflow Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/165301	Trust: 0.6
title:	RDK CcspPandM Fixes for module buffer error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=93970	Trust: 0.6

sources: CNVD: CNVD-2019-19288 // JVNDB: JVNDB-2019-005799 // CNNVD: CNNVD-201906-821

EXTERNAL IDS

db:	NVD	id:	CVE-2019-6964	Trust: 3.0
db:	JVNDB	id:	JVNDB-2019-005799	Trust: 0.8
db:	CNVD	id:	CNVD-2019-19288	Trust: 0.6
db:	CNNVD	id:	CNNVD-201906-821	Trust: 0.6

sources: CNVD: CNVD-2019-19288 // JVNDB: JVNDB-2019-005799 // CNNVD: CNNVD-201906-821 // NVD: CVE-2019-6964

REFERENCES

url:	https://dojo.bullguard.com/dojo-by-bullguard/blog/the-gateway-is-wide-open	Trust: 2.4
url:	https://nvd.nist.gov/vuln/detail/cve-2019-6964	Trust: 2.0
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6964	Trust: 0.8

sources: CNVD: CNVD-2019-19288 // JVNDB: JVNDB-2019-005799 // CNNVD: CNNVD-201906-821 // NVD: CVE-2019-6964

SOURCES

db:	CNVD	id:	CNVD-2019-19288
db:	JVNDB	id:	JVNDB-2019-005799
db:	CNNVD	id:	CNNVD-201906-821
db:	NVD	id:	CVE-2019-6964

LAST UPDATE DATE

2024-11-23T22:41:29.383000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-19288	date:	2019-06-26T00:00:00
db:	JVNDB	id:	JVNDB-2019-005799	date:	2019-07-01T00:00:00
db:	CNNVD	id:	CNNVD-201906-821	date:	2019-06-21T00:00:00
db:	NVD	id:	CVE-2019-6964	date:	2024-11-21T04:47:19.010

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2019-19288	date:	2019-06-26T00:00:00
db:	JVNDB	id:	JVNDB-2019-005799	date:	2019-07-01T00:00:00
db:	CNNVD	id:	CNNVD-201906-821	date:	2019-06-20T00:00:00
db:	NVD	id:	CVE-2019-6964	date:	2019-06-20T14:15:11.220