CVE-2019-9750 - OpenCVE

In IoTivity through 1.3.1, the CoAP server interface can be used for Distributed Denial of Service attacks using source IP address spoofing and UDP-based traffic amplification. The reflected traffic is 6 times bigger than spoofed requests. This occurs because the construction of a "4.01 Unauthorized" response is mishandled. NOTE: the vendor states "While this is an interesting attack, there is no plan for maintainer to fix, as we are migrating to IoTivity Lite."

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Iotivity	Iotivity

Configuration 1 [-]

cpe:2.3:a:iotivity:iotivity:*:*:*:*:*:*:*:*

References

Link	Resource
https://jira.iotivity.org/browse/IOT-3267	Exploit Issue Tracking Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:19:39

Updated: 2022-10-03T16:19:39

Reserved: 2022-10-03T00:00:00

Link: CVE-2019-9750

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-03-13T19:29:00.347

Modified: 2021-07-21T11:39:23.747

Link: CVE-2019-9750

JSON object: View

Redhat Information

No data.

CWE

CWE-400

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In IoTivity through 1.3.1, the CoAP server interface can be used for Distributed Denial of Service attacks using source IP address spoofing and UDP-based traffic amplification. The reflected traffic is 6 times bigger than spoofed requests. This occurs because the construction of a \"4.01 Unauthorized\" response is mishandled. NOTE: the vendor states \"While this is an interesting attack, there is no plan for maintainer to fix, as we are migrating to IoTivity Lite.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-10-03T16:19:39", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://jira.iotivity.org/browse/IOT-3267"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-9750", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In IoTivity through 1.3.1, the CoAP server interface can be used for Distributed Denial of Service attacks using source IP address spoofing and UDP-based traffic amplification. The reflected traffic is 6 times bigger than spoofed requests. This occurs because the construction of a \"4.01 Unauthorized\" response is mishandled. NOTE: the vendor states \"While this is an interesting attack, there is no plan for maintainer to fix, as we are migrating to IoTivity Lite.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://jira.iotivity.org/browse/IOT-3267", "refsource": "MISC", "url": "https://jira.iotivity.org/browse/IOT-3267"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-9750", "datePublished": "2022-10-03T16:19:39", "dateReserved": "2022-10-03T00:00:00", "dateUpdated": "2022-10-03T16:19:39", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:iotivity:iotivity:*:*:*:*:*:*:*:*", "matchCriteriaId": "A51EF323-F8DC-418F-88EB-FD1B19A836F5", "versionEndIncluding": "1.3.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In IoTivity through 1.3.1, the CoAP server interface can be used for Distributed Denial of Service attacks using source IP address spoofing and UDP-based traffic amplification. The reflected traffic is 6 times bigger than spoofed requests. This occurs because the construction of a \"4.01 Unauthorized\" response is mishandled. NOTE: the vendor states \"While this is an interesting attack, there is no plan for maintainer to fix, as we are migrating to IoTivity Lite.\""}, {"lang": "es", "value": "En IoTivity hasta la versi\u00f3n 1.3.1, la interfaz del servidor CoAP puede emplearse para ataques de denegaci\u00f3n de servicio (DoS) distribuido mediante la suplantaci\u00f3n de la direcci\u00f3n de origen y la amplificaci\u00f3n del tr\u00e1fico basado en UDP. El tr\u00e1fico reflejado es 6 veces mayor que las peticiones suplantadas. Esto ocurre debido a que la construcci\u00f3n de una respuesta \"4.01 Unauthorized\" se gestiona de manera incorrecta. NOTA: el fabricante indica que \"aunque este es un ataque interesante, no hay planes de que el mantenedor lo solucione, ya que estamos migrando a IoTivity Lite\"."}], "id": "CVE-2019-9750", "lastModified": "2021-07-21T11:39:23.747", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-03-13T19:29:00.347", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://jira.iotivity.org/browse/IOT-3267"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}]}