Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.
Published 2018-03-05 14:29:00
Updated 2021-08-04 17:15:36
Source MITRE
View at NVD,   CVE.org
Vulnerability category: Denial of service

Products affected by CVE-2018-1000115

Threat overview for CVE-2018-1000115

Top countries where our scanners detected CVE-2018-1000115
Top open port discovered on systems with this issue 11211
IPs affected by CVE-2018-1000115 21
Threat actors abusing to this issue? Yes
Find out if you* are affected by CVE-2018-1000115!
*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2018-1000115

86.52%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2018-1000115

  • Memcached Stats Amplification Scanner
    Disclosure Date: 2018-02-27
    First seen: 2020-04-26
    auxiliary/scanner/memcached/memcached_amp
    This module can be used to discover Memcached servers which expose the unrestricted UDP port 11211. A basic "stats" request is executed to check if an amplification attack is possible against a third party. Authors: - Marek Majkowski - xistence <xistence@0x9

CVSS scores for CVE-2018-1000115

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
5.0
MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P
10.0
2.9
NIST
7.5
HIGH CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.9
3.6
NIST

CWE ids for CVE-2018-1000115

References for CVE-2018-1000115

Jump to
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!