CVE-2018-1111 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2018-1111

CVE-2018-1111

May 17, 2018

DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.

Related Resources (22)

https://access.redhat.com/errata/RHSA-2018:1460

https://access.redhat.com/errata/RHSA-2018:1461

http://www.securitytracker.com/id/1040912

https://www.exploit-db.com/exploits/44890/

http://www.securityfocus.com/bid/104195

https://access.redhat.com/security/vulnerabilities/3442151

https://access.redhat.com/errata/RHSA-2018:1524

https://access.redhat.com/errata/RHSA-2018:1456

https://access.redhat.com/errata/RHSA-2018:1455

https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

https://access.redhat.com/security/cve/CVE-2018-1111

https://access.redhat.com/errata/RHSA-2018:1454

https://access.redhat.com/errata/RHSA-2018:1458

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDCLLCHYFFXW354HMB5QBXOQOY5BH2EJ/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMTTB54QNTPD2SK6UL32EVQHMZP6BUUD/

https://access.redhat.com/errata/RHSA-2018:1457

https://access.redhat.com/errata/RHSA-2018:1453

https://access.redhat.com/errata/RHSA-2018:1459

https://www.exploit-db.com/exploits/44652/

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1111

https://www.tenable.com/security/tns-2018-10

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDJA4QRR74TMXW34Q3DYYFPVBYRTJBI7/

Do you need more information?

CVSS v4

Base Score:

6.8

Attack Vector

ADJACENT

Attack Complexity

HIGH

Attack Requirements

PRESENT

Privileges Required

NONE

User Interaction

NONE

Vulnerable System Confidentiality

HIGH

Vulnerable System Integrity

HIGH

Vulnerable System Availability

HIGH

Subsequent System Confidentiality

NONE

Subsequent System Integrity

NONE

Subsequent System Availability

NONE

Exploit Maturity

POC

CVSS v3

Base Score:

7.5

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Exploit Maturity

FUNCTIONAL

CVSS v2

Base Score:

7.9

Access Vector

ADJACENT NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

Weakness Type (CWE)

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

EPSS

Base Score:

89.18