VDB
CVE-2019-19317
CVE-2019-19317
PUBLISHED
CVSS 9.300000190734863 CRITICAL
In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.
EPSS 0.99% · 77.2th percentile
Risk Scores
CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.99%
77.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Oracle Linux | |
| Avaya | Avaya Aura Application Enablement Services | |
| Oracle | Oracle MySQL | |
| Avaya | Avaya Aura Session Manager | |
| SUSE | SUSE Linux | |
| Avaya | Avaya Aura Experience Portal | |
| Avaya | Avaya Aura System Manager | |
| Amazon | Amazon Linux 2 | |
| Ubuntu | Ubuntu Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| Avaya | Avaya Web License Manager | |
| Avaya | Avaya Aura Communication Manager | |
| Debian | Debian Linux | |
| Gentoo | Gentoo Linux |
Exploit Intelligence
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
…and 2 more exploits
Timeline
- Dec 5, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Mar 11, 2023 EPSS Score
- Jul 14, 2023 EPSS Score
- Nov 16, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1614.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1614 advisory
- https://de.tenable.com/security/tns-2023-34 advisory
- https://de.tenable.com/security/tns-2023-23 advisory
- https://usn.ubuntu.com/4350-1/ advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2023-1049.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1049 advisory
- https://alas.aws.amazon.com/AL2/ALAS-2023-2017.html advisory
- https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL advisory
- https://access.redhat.com/errata/RHSA-2020:1810 advisory
- https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202006/msg00015.html advisory
- https://www.debian.org/security/2020/dsa-4703 advisory
- http://lists.suse.com/pipermail/sle-security-updates/2020-June/007007.html advisory
- http://lists.suse.com/pipermail/sle-security-updates/2020-June/007010.html advisory
- https://access.redhat.com/errata/RHSA-2020:3194 advisory
- https://access.redhat.com/errata/RHSA-2020:3518 advisory
- https://access.redhat.com/errata/RHSA-2020:3732 advisory
- https://access.redhat.com/errata/RHSA-2020:3755 advisory
- https://access.redhat.com/errata/RHSA-2020:3757 advisory
- https://access.redhat.com/errata/RHSA-2020:4026 advisory
…and 20 more