CVE-2018-21247 — HIGH (7.5)

Q: What is CVE-2018-21247?

CVE-2018-21247 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

Q: How severe is CVE-2018-21247?

CVE-2018-21247 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-21247?

Check the references section above for vendor advisories and patch information. Affected products include: Libvnc Project Libvncserver, Canonical Ubuntu Linux, Debian Debian Linux, Siemens Simatic Itc1500 Firmware, Siemens Simatic Itc1500.

Vulnerability Description

An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Libvnc Project	Libvncserver	<= 0.9.12
Canonical	Ubuntu Linux	14.04
Debian	Debian Linux	8.0
Siemens	Simatic Itc1500 Firmware	>= 3.0.0.0, < 3.2.1.0
Siemens	Simatic Itc1500	-
Siemens	Simatic Itc1500 Pro Firmware	>= 3.0.0.0, < 3.2.1.0
Siemens	Simatic Itc1500 Pro	-
Siemens	Simatic Itc1900 Firmware	>= 3.0.0.0, < 3.2.1.0
Siemens	Simatic Itc1900	-
Siemens	Simatic Itc1900 Pro Firmware	>= 3.0.0.0, < 3.2.1.0
Siemens	Simatic Itc1900 Pro	-
Siemens	Simatic Itc2200 Firmware	>= 3.0.0.0, < 3.2.1.0
Siemens	Simatic Itc2200	-
Siemens	Simatic Itc2200 Pro Firmware	>= 3.0.0.0, < 3.2.1.0
Siemens	Simatic Itc2200 Pro	-
Opensuse	Leap	15.2

Related Weaknesses (CWE)

CWE-909

References

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00033.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00055.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00066.htmlMailing ListThird Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdfPatchThird Party Advisory
https://github.com/LibVNC/libvncserver/compare/LibVNCServer-0.9.12...LibVNCServePatchThird Party Advisory
https://github.com/LibVNC/libvncserver/issues/253Issue TrackingThird Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00033.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00055.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00066.htmlMailing ListThird Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdfPatchThird Party Advisory
https://github.com/LibVNC/libvncserver/compare/LibVNCServer-0.9.12...LibVNCServePatchThird Party Advisory
https://github.com/LibVNC/libvncserver/issues/253Issue TrackingThird Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro

FAQ

What is CVE-2018-21247?

CVE-2018-21247 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

How severe is CVE-2018-21247?

CVE-2018-21247 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-21247?

Check the references section above for vendor advisories and patch information. Affected products include: Libvnc Project Libvncserver, Canonical Ubuntu Linux, Debian Debian Linux, Siemens Simatic Itc1500 Firmware, Siemens Simatic Itc1500.