Vulnerability Description
A Denial of Service vulnerability related to preemptive item deletion in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier allows a remote attacker to send a combination of messages to lmgrd or the vendor daemon, causing the heartbeat between lmgrd and the vendor daemon to stop, and the vendor daemon to shut down.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Flexera | Flexnet Publisher | <= 11.16.1.0 |
| Oracle | Communications Lsms | >= 13.1, <= 13.4 |
References
- http://www.securityfocus.com/bid/109155Broken Link
- https://secuniaresearch.flexerasoftware.com/advisories/85979/Not ApplicableVendor Advisory
- https://www.oracle.com/security-alerts/cpuoct2021.htmlPatchThird Party Advisory
- http://www.securityfocus.com/bid/109155Broken Link
- https://secuniaresearch.flexerasoftware.com/advisories/85979/Not ApplicableVendor Advisory
- https://www.oracle.com/security-alerts/cpuoct2021.htmlPatchThird Party Advisory
FAQ
What is CVE-2018-20031?
CVE-2018-20031 is a vulnerability with a CVSS score of 7.5 (HIGH). A Denial of Service vulnerability related to preemptive item deletion in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier allows a remote attacker to send a combin...
How severe is CVE-2018-20031?
CVE-2018-20031 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-20031?
Check the references section above for vendor advisories and patch information. Affected products include: Flexera Flexnet Publisher, Oracle Communications Lsms.