CVE-2018-16738

Severity

3.7LOW

EPSS

0.3%

top 44.54%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedOct 10

Latest updateMay 14

Description

tinc 1.0.30 through 1.0.34 has a broken authentication protocol, although there is a partial mitigation. This is fixed in 1.1.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 2.2 | Impact: 1.4

▶Debiantinc< 1.0.35-1+3

▶NVDtinc-vpn/tinc1.0.30 — 1.0.34

Also affects: Debian Linux 9.0

GHSA

GHSA-c478-67p7-rg2p: tinc 1↗2022-05-14

▶

OSV

CVE-2018-16738: tinc 1↗2018-10-10

▶

CVEList

CVE-2018-16738: tinc 1↗2018-10-10

▶

Debian

CVE-2018-16738: tinc - tinc 1.0.30 through 1.0.34 has a broken authentication protocol, although there ...↗2018

▶

Bugzilla

CVE-2018-16737 CVE-2018-16738 CVE-2018-16758 tinc: Multiple issues fixed in the 1.0.35 release↗2018-10-09

▶

Bugzilla

CVE-2018-16737 CVE-2018-16738 CVE-2018-16758 tinc: Multiple issues fixed in the 1.0.35 release [fedora-all]↗2018-10-09

▶

Bugzilla

CVE-2018-16737 CVE-2018-16738 CVE-2018-16758 tinc: Multiple issues fixed in the 1.0.35 release [epel-all]↗2018-10-09

▶