CVE-2018-20578

{"id": "CVE-2018-20578", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2018-12-28T18:29:00.253", "references": [{"url": "https://bitbucket.org/nuttx/nuttx/downloads/nuttx-7_27-README.txt", "tags": ["Release Notes", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://bitbucket.org/nuttx/nuttx/issues/119/denial-of-service-infinite-loop-while", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-835"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in NuttX before 7.27. The function netlib_parsehttpurl() in apps/netutils/netlib/netlib_parsehttpurl.c mishandles URLs longer than hostlen bytes (in the webclient, this is set by default to 40), leading to an Infinite Loop. The attack vector is the Location header of an HTTP 3xx response."}, {"lang": "es", "value": "Se ha descubierto un problema en versiones anteriores a la 7.27 de NuttX. La funci\u00f3n netlib_parsehttpurl() en apps/netutils/netlib/netlib_parsehttpurl.c gestiona de manera incorrecta las URL m\u00e1s largas que los bytes de hostlen (en el cliente web, esto se establece por defecto en 40), conduciendo a un bucle infinito. El vector de ataque es la cabecera Location de una respuesta HTTP 3xx."}], "lastModified": "2019-10-03T00:03:26.223", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nuttx:nuttx:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18635B34-6239-44E0-9A24-CB288BA405E0", "versionEndExcluding": "7.27"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}