National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Vulnerability Change Record for CVE-2018-1160

Change History

Initial Analysis - 2/7/2019 9:14:31 AM

Action Type Old Value New Value
Added CPE Configuration
OR
     *cpe:2.3:a:netatalk_project:netatalk:*:*:*:*:*:*:*:* versions up to (excluding) 3.1.12
Changed Reference Type
https://www.exploit-db.com/exploits/46034/ No Types Assigned
https://www.exploit-db.com/exploits/46034/ Exploit, Third Party Advisory, VDB Entry
Added CWE
CWE-787
Added CPE Configuration
AND
     OR
          *cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*
     OR
          cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*
Changed Reference Type
https://www.debian.org/security/2018/dsa-4356 No Types Assigned
https://www.debian.org/security/2018/dsa-4356 Third Party Advisory
Changed Reference Type
https://www.synology.com/security/advisory/Synology_SA_18_62 No Types Assigned
https://www.synology.com/security/advisory/Synology_SA_18_62 Third Party Advisory
Added CVSS V2
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Changed Reference Type
https://www.tenable.com/security/research/tra-2018-48 No Types Assigned
https://www.tenable.com/security/research/tra-2018-48 Exploit, Release Notes, Third Party Advisory
Changed Reference Type
http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html No Types Assigned
http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html Release Notes
Added CPE Configuration
OR
     *cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:* versions from (including) 5.2 up to (excluding) 5.2-5967-9
     *cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:* versions from (including) 6.1 up to (excluding) 6.1.7-15284-3
     *cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:* versions from (including) 6.2 up to (excluding) 6.2.1-23824-4
     *cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:* versions from (including) 1.2 up to (excluding) 1.2-7742-5
     *cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*
Added CPE Configuration
OR
     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Changed Reference Type
https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160/ No Types Assigned
https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160/ Release Notes, Third Party Advisory
Changed Reference Type
https://www.exploit-db.com/exploits/46048/ No Types Assigned
https://www.exploit-db.com/exploits/46048/ Exploit, Third Party Advisory, VDB Entry
Changed Reference Type
https://attachments.samba.org/attachment.cgi?id=14735 No Types Assigned
https://attachments.samba.org/attachment.cgi?id=14735 Third Party Advisory
Added CVSS V3
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Changed Reference Type
http://www.securityfocus.com/bid/106301 No Types Assigned
http://www.securityfocus.com/bid/106301 Third Party Advisory, VDB Entry