{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6175", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "state": "PUBLISHED", "assignerShortName": "GitLab", "dateReserved": "2023-11-16T11:30:45.732Z", "datePublished": "2024-03-26T07:30:49.763Z", "dateUpdated": "2024-08-29T15:04:52.444Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Wireshark", "vendor": "Wireshark Foundation", "versions": [{"lessThan": "4.0.11", "status": "affected", "version": "4.0.0", "versionType": "semver"}, {"lessThan": "3.6.19", "status": "affected", "version": "3.6.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Anonymous working with Trend Micro Zero Day Initiative"}], "descriptions": [{"lang": "en", "value": "NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-120", "description": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2024-08-29T15:04:52.444Z"}, "references": [{"url": "https://www.wireshark.org/security/wnpa-sec-2023-29.html"}, {"name": "GitLab Issue #19404", "tags": ["issue-tracking"], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19404"}], "solutions": [{"lang": "en", "value": "Upgrade to versions 4.0.11, 3.6.19 or above."}], "title": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Wireshark"}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:21:17.714Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wireshark.org/security/wnpa-sec-2023-29.html", "tags": ["x_transferred"]}, {"url": "https://gitlab.com/wireshark/wireshark/-/issues/19404", "name": "GitLab Issue #19404", "tags": ["issue-tracking", "x_transferred"]}]}, {"affected": [{"vendor": "wireshark", "product": "wireshark", "cpes": ["cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "4.0.0", "status": "affected", "lessThan": "4.0.11", "versionType": "semver"}, {"version": "3.6.0", "status": "affected", "lessThan": "3.6.19", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-06T14:19:21.744161Z", "id": "CVE-2023-6175", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-06T16:03:26.551Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wireshark.org/security/wnpa-sec-2023-29.html", "tags": ["x_transferred"]}, {"url": "https://gitlab.com/wireshark/wireshark/-/issues/19404", "name": "GitLab Issue #19404", "tags": ["issue-tracking", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:21:17.714Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-6175", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-06T14:19:21.744161Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*"], "vendor": "wireshark", "product": "wireshark", "versions": [{"status": "affected", "version": "4.0.0", "lessThan": "4.0.11", "versionType": "semver"}, {"status": "affected", "version": "3.6.0", "lessThan": "3.6.19", "versionType": "semver"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-06T16:03:19.777Z"}}], "cna": {"title": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Wireshark", "credits": [{"lang": "en", "type": "finder", "value": "Anonymous working with Trend Micro Zero Day Initiative"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Wireshark Foundation", "product": "Wireshark", "versions": [{"status": "affected", "version": "4.0.0", "lessThan": "4.0.11", "versionType": "semver"}, {"status": "affected", "version": "3.6.0", "lessThan": "3.6.19", "versionType": "semver"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to versions 4.0.11, 3.6.19 or above."}], "references": [{"url": "https://www.wireshark.org/security/wnpa-sec-2023-29.html"}, {"url": "https://gitlab.com/wireshark/wireshark/-/issues/19404", "name": "GitLab Issue #19404", "tags": ["issue-tracking"]}], "descriptions": [{"lang": "en", "value": "NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2024-08-29T15:04:52.444Z"}}}, "cveMetadata": {"cveId": "CVE-2023-6175", "state": "PUBLISHED", "dateUpdated": "2024-08-29T15:04:52.444Z", "dateReserved": "2023-11-16T11:30:45.732Z", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "datePublished": "2024-03-26T07:30:49.763Z", "assignerShortName": "GitLab"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F73E378-C301-481A-A502-9FF87A0B6D53", "versionEndIncluding": "3.6.18", "versionStartIncluding": "3.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", "matchCriteriaId": "C9D0926F-17C4-4594-B8D7-5683A7CFF2DF", "versionEndIncluding": "4.0.10", "versionStartIncluding": "4.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file"}, {"lang": "es", "value": "La falla del analizador de archivos NetScreen en Wireshark 4.0.0 a 4.0.10 y 3.6.0 a 3.6.18 permite la denegaci\u00f3n de servicio a trav\u00e9s de un archivo de captura manipulado."}], "id": "CVE-2023-6175", "lastModified": "2025-04-16T18:53:23.160", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "cve@gitlab.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-03-26T08:15:35.867", "references": [{"source": "cve@gitlab.com", "tags": ["Issue Tracking"], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19404"}, {"source": "cve@gitlab.com", "tags": ["Vendor Advisory"], "url": "https://www.wireshark.org/security/wnpa-sec-2023-29.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19404"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.wireshark.org/security/wnpa-sec-2023-29.html"}], "sourceIdentifier": "cve@gitlab.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "cve@gitlab.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "wireshark: NetScreen File Parsing Heap-based Buffer Overflow", "id": "2250151", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250151"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.6", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H", "status": "draft"}, "cwe": "CWE-119", "details": ["NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file", "A heap-based buffer overflow was found in Wireshark's NetScreen file parser. This issue may allow local arbitrary code execution via a crafted capture file."], "name": "CVE-2023-6175", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2023-11-15T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-6175\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-6175\nhttps://gitlab.com/wireshark/wireshark/-/issues/19404\nhttps://www.wireshark.org/security/wnpa-sec-2023-29.html"], "statement": "Although arbitrary code execution may be possible, default memory protections in Red Hat Enterprise Linux should prevent this flaw from causing a higher impact than an application crash. \nWireshark is not an application that runs with elevated privileges, limiting the exploitability and impact of this issue to the user's context. Therefore, the severity score is set to Moderate.", "threat_severity": "Moderate"}