ICMP DoS attack
Vulnerability details
Memory management defect in ICMPv6 layer.
Impacted products
Revisions
| Version |
Date |
Description |
| v1 |
12/18/2020 |
Initial release |
| v2 |
01/29/2020 |
Fix field “Solution” and precision about impacted versions |
| v3 |
03/01/2021 |
Update “Solution” section |
Stormshield Network Security |
CVSS v2 Overall Score: 5.3 
|
Analysis
|
Impacted version
|
|
Memory management defect in ICMPv6 layer which can trigger DoS of the equipment.
|
- SNS 2.0.0 to 2.7.7
- SNS 3.0.0 to 3.7.14
- SNS 3.8.0 to 3.11.2
- SNS 4.0.0 to 4.1.2
|
Workaround solution
|
Solution
|
|
There is no workaround solution.
|
The vulnerability is fixed in versions:
- SNS 2.7.8
- SNS 3.7.15
- SNS 3.11.3
- SNS 4.1.3
|
| Access vector |
Access complexity |
Authentication |
Confidentiality impact |
Integrity impact |
Availability impact |
| Network |
Medium |
None |
None |
None |
Complete |
| Exploitability |
Remediation Level |
Report Confidence |
| Unproven that exploit exists |
Official fix |
Confirmed |
| Collateral Damage Potential |
Target Distribution |
| None |
High [76-100%] |
Netasq |
CVSS v2 Overall Score: 5.3
|
Analysis
|
Impacted version
|
|
Memory management defect in ICMPv6 layer which can trigger DoS of the equipment
|
|
Workaround solution
|
Solution
|
|
There is no workaround solution.
|
No solution
|
| Access vector |
Access complexity |
Authentication |
Confidentiality impact |
Integrity impact |
Availability impact |
| Network |
Medium |
None |
None |
None |
Complete |
| Exploitability |
Remediation Level |
Report Confidence |
| Unproven that exploit exists |
Official fix |
Confirmed |
| Collateral Damage Potential |
Target Distribution |
| None |
High [76-100%] |
