Vulnerability Details CVE-2018-18065
_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.044
EPSS Ranking 88.4%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
- http://www.securityfocus.com/bid/106265
- https://cert-portal.siemens.com/productcert/pdf/ssa-978220.pdf
- https://dumpco.re/blog/net-snmp-5.7.3-remote-dos
- https://security.netapp.com/advisory/ntap-20181107-0001/
- https://security.paloaltonetworks.com/CVE-2018-18065
- https://sourceforge.net/p/net-snmp/code/ci/7ffb8e25a0db851953155de91f0170e9bf8c457d/
- https://usn.ubuntu.com/3792-1/
- https://usn.ubuntu.com/3792-2/
- https://usn.ubuntu.com/3792-3/
- https://www.debian.org/security/2018/dsa-4314
- https://www.exploit-db.com/exploits/45547/
- https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
- http://www.securityfocus.com/bid/106265
- https://cert-portal.siemens.com/productcert/pdf/ssa-978220.pdf
- https://dumpco.re/blog/net-snmp-5.7.3-remote-dos
- https://security.netapp.com/advisory/ntap-20181107-0001/
- https://security.paloaltonetworks.com/CVE-2018-18065
- https://sourceforge.net/p/net-snmp/code/ci/7ffb8e25a0db851953155de91f0170e9bf8c457d/
- https://usn.ubuntu.com/3792-1/
- https://usn.ubuntu.com/3792-2/
- https://usn.ubuntu.com/3792-3/
- https://www.debian.org/security/2018/dsa-4314
- https://www.exploit-db.com/exploits/45547/
- https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
Products affected by CVE-2018-18065
-
cpe:2.3:a:net-snmp:net-snmp:5.0
-
cpe:2.3:a:net-snmp:net-snmp:5.0.1
-
cpe:2.3:a:net-snmp:net-snmp:5.0.2
-
cpe:2.3:a:net-snmp:net-snmp:5.0.3
-
cpe:2.3:a:net-snmp:net-snmp:5.0.4
-
cpe:2.3:a:net-snmp:net-snmp:5.0.5
-
cpe:2.3:a:net-snmp:net-snmp:5.0.6
-
cpe:2.3:a:net-snmp:net-snmp:5.0.7
-
cpe:2.3:a:net-snmp:net-snmp:5.0.8
-
cpe:2.3:a:net-snmp:net-snmp:5.0.9
-
cpe:2.3:a:net-snmp:net-snmp:5.1
-
cpe:2.3:a:net-snmp:net-snmp:5.1.2
-
cpe:2.3:a:net-snmp:net-snmp:5.2
-
cpe:2.3:a:net-snmp:net-snmp:5.3
-
cpe:2.3:a:net-snmp:net-snmp:5.3.0.1
-
cpe:2.3:a:net-snmp:net-snmp:5.4
-
cpe:2.3:a:net-snmp:net-snmp:5.4.2.1
-
cpe:2.3:a:net-snmp:net-snmp:5.5
-
cpe:2.3:a:net-snmp:net-snmp:5.6
-
cpe:2.3:a:net-snmp:net-snmp:5.7
-
cpe:2.3:a:net-snmp:net-snmp:5.7.1
-
cpe:2.3:a:net-snmp:net-snmp:5.7.2
-
cpe:2.3:a:net-snmp:net-snmp:5.7.3
-
cpe:2.3:a:netapp:cloud_backup:-
-
cpe:2.3:a:netapp:hyper_converged_infrastructure:-
-
cpe:2.3:a:netapp:storagegrid_webscale:-
-
cpe:2.3:o:canonical:ubuntu_linux:12.04
-
cpe:2.3:o:canonical:ubuntu_linux:14.04
-
cpe:2.3:o:canonical:ubuntu_linux:16.04
-
cpe:2.3:o:canonical:ubuntu_linux:18.04
-
cpe:2.3:o:canonical:ubuntu_linux:18.10
-
cpe:2.3:o:debian:debian_linux:9.0
-
cpe:2.3:o:netapp:data_ontap:-
-
cpe:2.3:o:netapp:e-series_santricity_os_controller:*
-
cpe:2.3:o:netapp:solidfire_element_os:-
-
cpe:2.3:o:paloaltonetworks:pan-os:-
-
cpe:2.3:o:paloaltonetworks:pan-os:1.3
-
cpe:2.3:o:paloaltonetworks:pan-os:2.0
-
cpe:2.3:o:paloaltonetworks:pan-os:2.1
-
cpe:2.3:o:paloaltonetworks:pan-os:3.0
-
cpe:2.3:o:paloaltonetworks:pan-os:3.1
-
cpe:2.3:o:paloaltonetworks:pan-os:3.1.10
-
cpe:2.3:o:paloaltonetworks:pan-os:3.1.11
-
cpe:2.3:o:paloaltonetworks:pan-os:3.1.12
-
cpe:2.3:o:paloaltonetworks:pan-os:3.1.9
-
cpe:2.3:o:paloaltonetworks:pan-os:4.0.0
-
cpe:2.3:o:paloaltonetworks:pan-os:4.0.1
-
cpe:2.3:o:paloaltonetworks:pan-os:4.0.10
-
cpe:2.3:o:paloaltonetworks:pan-os:4.0.11
-
cpe:2.3:o:paloaltonetworks:pan-os:4.0.12
-
cpe:2.3:o:paloaltonetworks:pan-os:4.0.13
-
cpe:2.3:o:paloaltonetworks:pan-os:4.0.2
-
cpe:2.3:o:paloaltonetworks:pan-os:4.0.3
-
cpe:2.3:o:paloaltonetworks:pan-os:4.0.4
-
cpe:2.3:o:paloaltonetworks:pan-os:4.0.5
-
cpe:2.3:o:paloaltonetworks:pan-os:4.0.6
-
cpe:2.3:o:paloaltonetworks:pan-os:4.0.7
-
cpe:2.3:o:paloaltonetworks:pan-os:4.0.8
-
cpe:2.3:o:paloaltonetworks:pan-os:4.0.9
-
cpe:2.3:o:paloaltonetworks:pan-os:4.1.0
-
cpe:2.3:o:paloaltonetworks:pan-os:4.1.1
-
cpe:2.3:o:paloaltonetworks:pan-os:4.1.10
-
cpe:2.3:o:paloaltonetworks:pan-os:4.1.11
-
cpe:2.3:o:paloaltonetworks:pan-os:4.1.12
-
cpe:2.3:o:paloaltonetworks:pan-os:4.1.13
-
cpe:2.3:o:paloaltonetworks:pan-os:4.1.2
-
cpe:2.3:o:paloaltonetworks:pan-os:4.1.3
-
cpe:2.3:o:paloaltonetworks:pan-os:4.1.4
-
cpe:2.3:o:paloaltonetworks:pan-os:4.1.5
-
cpe:2.3:o:paloaltonetworks:pan-os:4.1.6
-
cpe:2.3:o:paloaltonetworks:pan-os:4.1.7
-
cpe:2.3:o:paloaltonetworks:pan-os:4.1.8
-
cpe:2.3:o:paloaltonetworks:pan-os:4.1.8-h3
-
cpe:2.3:o:paloaltonetworks:pan-os:4.1.9
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.0
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.0-h1
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.10
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.11
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.12
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.13
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.14
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.15
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.16
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.17
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.18
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.19
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.2
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.20
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.3
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.4
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.5
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.6
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.7
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.8
-
cpe:2.3:o:paloaltonetworks:pan-os:5.0.9
-
cpe:2.3:o:paloaltonetworks:pan-os:5.1
-
cpe:2.3:o:paloaltonetworks:pan-os:5.1.1
-
cpe:2.3:o:paloaltonetworks:pan-os:5.1.10
-
cpe:2.3:o:paloaltonetworks:pan-os:5.1.11
-
cpe:2.3:o:paloaltonetworks:pan-os:5.1.12
-
cpe:2.3:o:paloaltonetworks:pan-os:5.1.13
-
cpe:2.3:o:paloaltonetworks:pan-os:5.1.2
-
cpe:2.3:o:paloaltonetworks:pan-os:5.1.3
-
cpe:2.3:o:paloaltonetworks:pan-os:5.1.4
-
cpe:2.3:o:paloaltonetworks:pan-os:5.1.5
-
cpe:2.3:o:paloaltonetworks:pan-os:5.1.6
-
cpe:2.3:o:paloaltonetworks:pan-os:5.1.7
-
cpe:2.3:o:paloaltonetworks:pan-os:5.1.8
-
cpe:2.3:o:paloaltonetworks:pan-os:5.1.9
-
cpe:2.3:o:paloaltonetworks:pan-os:6.0
-
cpe:2.3:o:paloaltonetworks:pan-os:6.0.0
-
cpe:2.3:o:paloaltonetworks:pan-os:6.0.1
-
cpe:2.3:o:paloaltonetworks:pan-os:6.0.10
-
cpe:2.3:o:paloaltonetworks:pan-os:6.0.11
-
cpe:2.3:o:paloaltonetworks:pan-os:6.0.12
-
cpe:2.3:o:paloaltonetworks:pan-os:6.0.13
-
cpe:2.3:o:paloaltonetworks:pan-os:6.0.14
-
cpe:2.3:o:paloaltonetworks:pan-os:6.0.15
-
cpe:2.3:o:paloaltonetworks:pan-os:6.0.2
-
cpe:2.3:o:paloaltonetworks:pan-os:6.0.3
-
cpe:2.3:o:paloaltonetworks:pan-os:6.0.4
-
cpe:2.3:o:paloaltonetworks:pan-os:6.0.5
-
cpe:2.3:o:paloaltonetworks:pan-os:6.0.6
-
cpe:2.3:o:paloaltonetworks:pan-os:6.0.7
-
cpe:2.3:o:paloaltonetworks:pan-os:6.0.8
-
cpe:2.3:o:paloaltonetworks:pan-os:6.0.9
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.0
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.1
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.10
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.11
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.12
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.13
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.14
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.15
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.16
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.17
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.18
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.19
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.2
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.20
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.21
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.3
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.4
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.5
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.6
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.7
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.8
-
cpe:2.3:o:paloaltonetworks:pan-os:6.1.9
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.0
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.1
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.10
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.11
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.12
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.13
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.14
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.15
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.16
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.17
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.18
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.19
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.2
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.3
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.4
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.5
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.5-h2
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.6
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.7
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.8
-
cpe:2.3:o:paloaltonetworks:pan-os:7.0.9
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.0
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.1
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.10
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.11
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.12
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.13
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.14
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.15
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.16
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.17
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.18
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.19
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.2
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.20
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.21
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.22
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.23
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.24
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.25
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.26
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.3
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.4
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.4-h2
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.5
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.6
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.7
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.8
-
cpe:2.3:o:paloaltonetworks:pan-os:7.1.9
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.0
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.1
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.10
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.11
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.12
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.13
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.14
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.15
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.16
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.17
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.18
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.19
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.2
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.20
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.3
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.4
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.5
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.6
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.7
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.8
-
cpe:2.3:o:paloaltonetworks:pan-os:8.0.9
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.0
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.1
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.2
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.3
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.4
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.5
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.6