CVE-2019-16062
published 2020-03-19CVE-2019-16062: NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data stored within the SQL database. It is possible for an attacker to expose unencrypted…
PriorityP434medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
0.76%
50.5th percentile
NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data stored within the SQL database. It is possible for an attacker to expose unencrypted sensitive data.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elfutils_project | elfutils | >= 0 < 0.174-r0 | 0.174-r0 |
| elfutils_project | elfutils | >= 0 < 0.176-1.1ubuntu0.1 | 0.176-1.1ubuntu0.1 |
| elfutils_project | elfutils | >= 0 < 0.158-0ubuntu5.3+esm1 | 0.158-0ubuntu5.3+esm1 |
| elfutils_project | elfutils | >= 0 < 0.165-3ubuntu1.2+esm1 | 0.165-3ubuntu1.2+esm1 |
| elfutils_project | elfutils | >= 0 < 0.170-0.4ubuntu0.1+esm1 | 0.170-0.4ubuntu0.1+esm1 |
| netsas | enigma_network_management_solution | <= 65.0.0 | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:N
osv6.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
elfutils vulnerabilities
osv·2023-08-30·CVSS 5.5
CVE-2018-16062 elfutils vulnerabilities
elfutils vulnerabilities
It was discovered that elfutils incorrectly handled certain malformed
files. If a user or automated system were tricked into processing a
specially crafted file, elfutils could be made to crash or consume
resources, resulting in a denial of service. This issue only affected
Ubuntu 14.04 LTS. (CVE-2018-16062, CVE-2018-16403, CVE-2018-18310,
CVE-2018-18520, CVE-2018-18521, CVE-2019-7149, CVE-2019-7150,
CVE-2019-7665)
It was discovered that elfutils incorrectly handled bounds checks in
certain functions when processing malformed files. If a user or automated
system were tricked into processing a specially crafted file, elfutils
could be made to crash or consume resources, resulting in a denial of
service. (CVE-2020-21047, CVE-2021-33294)
GHSA
GHSA-jv3m-8g66-rq7f: NETSAS Enigma NMS 65
ghsa_unreviewed·2022-05-24
CVE-2019-16062 [MEDIUM] CWE-311 GHSA-jv3m-8g66-rq7f: NETSAS Enigma NMS 65
NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data stored within the SQL database. It is possible for an attacker to expose unencrypted sensitive data.
OSV
CVE-2019-16062: NETSAS Enigma NMS 65
osv·2020-03-19·CVSS 6.5
CVE-2019-16062 [MEDIUM] CVE-2019-16062: NETSAS Enigma NMS 65
NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data stored within the SQL database. It is possible for an attacker to expose unencrypted sensitive data.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2020-03-19
Published