CVE-2018-14568
PUBLISHED
Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a server. This allows detection bypass because Windows TCP clients proceed with normal processing of TCP data that arrives shortly after an RST (i.e., they act as if the RST had not yet been received).
Risk Scores
- EPSS Score: 0.28% (51.6th percentile)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:18.04:LTS | suricata | 0, 3.2-2ubuntu3 |
| Ubuntu:16.04:LTS | suricata | 2.0.10-2, 3.0-1, 0 |
Timeline
- Jul 23, 2018 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 25, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 27, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
- Nov 5, 2022 EPSS Score
- Jan 7, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2018-14568 third-party-advisory
- https://github.com/OISF/suricata/pull/3428/commits/843d0b7a10bb45627f94764a6c5d468a24143345 third-party-advisory
- https://github.com/kirillwow/ids_bypass third-party-advisory
- https://redmine.openinfosecfoundation.org/issues/2501 third-party-advisory
- https://suricata-ids.org/2018/07/18/suricata-4-0-5-available/ third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2018-14568 third-party-advisory