U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2019-12255

Change History

Initial Analysis by NIST 8/19/2019 4:22:46 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200
     OR
          cpe:2.3:o:siemens:siprotec_5:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300
     OR
          cpe:2.3:o:siemens:siprotec_5:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300 versions up to (excluding) 7.91
     OR
          cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:netap:e-series_santricity_os_controller:*:*:*:*:*:*:*:* versions from (including) 8.00 up to (including) 8.40.50.00
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions from (including) 5.9.0.0 up to (including) 5.9.0.7
     *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions from (including) 5.9.1.0. up to (including) 5.9.1.12
     *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions from (including) 6.2.0.0 up to (including) 6.2.3.1
     *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions from (including) 6.2.4.0 up to (including) 6.2.4.3
     *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions from (including) 6.2.5.0 up to (including) 6.2.5.3
     *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions from (including) 6.2.6.0 up to (including) 6.2.6.1
     *cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*
     *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions from (including) 6.2.7.0 up to (including) 6.2.7.4
     *cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*
     *cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*
     *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions from (including) 6.2.9.0 up to (including) 6.2.9.2
     *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions from (including) 6.5.0.0 up to (including) 6.5.0.3
     *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions from (including) 6.5.1.0 up to (including) 6.5.1.4
     *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions from (including) 6.5.2.0 up to (including) 6.5.2.3
     *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions from (including) 6.5.3.0 up to (including) 6.5.3.3
     *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions from (including) 6.5.4.0. up to (including) 6.5.4.3
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:* versions from (including) 6.6 up to (including) 6.9
Added CVSS V2

								
							
							
						
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Added CVSS V3

								
							
							
						
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
CWE-119
Changed Reference Type
http://packetstormsecurity.com/files/154022/VxWorks-6.8-Integer-Underflow.html No Types Assigned
http://packetstormsecurity.com/files/154022/VxWorks-6.8-Integer-Underflow.html Exploit, Third Party Advisory, VDB Entry
Changed Reference Type
https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf No Types Assigned
https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf Third Party Advisory
Changed Reference Type
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009 No Types Assigned
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009 Third Party Advisory
Changed Reference Type
https://security.netapp.com/advisory/ntap-20190802-0001/ No Types Assigned
https://security.netapp.com/advisory/ntap-20190802-0001/ Third Party Advisory
Changed Reference Type
https://support.f5.com/csp/article/K41190253 No Types Assigned
https://support.f5.com/csp/article/K41190253 Third Party Advisory
Changed Reference Type
https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12255 No Types Assigned
https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12255 Vendor Advisory
Changed Reference Type
https://support2.windriver.com/index.php?page=security-notices No Types Assigned
https://support2.windriver.com/index.php?page=security-notices Issue Tracking, Vendor Advisory
Changed Reference Type
https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/ No Types Assigned
https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/ Vendor Advisory