CVE-2013-5919Improper Input Validation in Suricata

CWE-20Improper Input Validation5 documents5 sources
Severity
5.0MEDIUMNVD
EPSS
0.9%
top 23.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oisf SuricataOpeninfosecfoundation Suricata
Timeline
PublishedMay 30
Latest updateMay 14

Description

Suricata before 1.4.6 allows remote attackers to cause a denial of service (crash) via a malformed SSL record.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

Debianoisf/suricata< 2.0-1+3
NVDoisf/suricata12 versions+11

Patches

Patch: suricata-ids.orgPatch: suricata-ids.org

🔴Vulnerability Details

3
GHSA
GHSA-7h5g-v8pf-26hq: Suricata before 12022-05-14
CVEList
CVE-2013-5919: Suricata before 12014-05-30
OSV
CVE-2013-5919: Suricata before 12014-05-30

📋Vendor Advisories

1
Debian
CVE-2013-5919: suricata - Suricata before 1.4.6 allows remote attackers to cause a denial of service (cras...2013
CVE-2013-5919 — Improper Input Validation in Suricata | cvebase