Main Vulnerability Database Vulnerabilities #VU24719

Security Features in FreeBSD - CVE-2019-5613

Published: January 29, 2020

Vulnerability identifier: #VU24719

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2019-5613

CWE-ID: CWE-254

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: FreeBSD Foundation

Affected software:
FreeBSD

Detailed vulnerability description

The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability exists due to a missing anti-reply window check in IPSec implementation. A remote attacker can inject an old packet into the network stream that will be processed by the system.

Successful exploitation of the vulnerability may allow an attacker to manipulate network data, passed via IPSec channel.

How to mitigate CVE-2019-5613

Install updates from vendor's website.

Sources

https://www.freebsd.org/security/advisories/FreeBSD-SA-20:02.ipsec.asc

Security Features in FreeBSD - CVE-2019-5613

Detailed vulnerability description

How to mitigate CVE-2019-5613

Sources

Please verify you're human