Vulnerability Details : CVE-2018-1000115
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2018-1000115
Probability of exploitation activity in the next 30 days: 96.92%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2018-1000115
-
Memcached Stats Amplification Scanner
Disclosure Date : 2018-02-27auxiliary/scanner/memcached/memcached_ampThis module can be used to discover Memcached servers which expose the unrestricted UDP port 11211. A basic "stats" request is executed to check if an amplification attack is possible against a third party. Authors: - Marek Majkowski - xistence <xi[email protected]> - Jon Hart <[email protected]>
CVSS scores for CVE-2018-1000115
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
[email protected] |
|
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
[email protected] |
CWE ids for CVE-2018-1000115
-
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.Assigned by: [email protected] (Primary)
References for CVE-2018-1000115
-
https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974
Patch;Third Party Advisory
-
https://twitter.com/dormando/status/968579781729009664
Third Party Advisory
-
https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html
Third Party Advisory
-
https://www.exploit-db.com/exploits/44264/
Exploit;Third Party Advisory;VDB Entry
-
https://github.com/memcached/memcached/wiki/ReleaseNotes156
Third Party Advisory
-
https://www.synology.com/support/security/Synology_SA_18_07
Third Party Advisory
-
https://github.com/memcached/memcached/issues/348
Issue Tracking;Third Party Advisory
-
https://access.redhat.com/errata/RHBA-2018:2140
Third Party Advisory
-
https://www.debian.org/security/2018/dsa-4218
Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:2857
Third Party Advisory
-
https://usn.ubuntu.com/3588-1/
Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:2331
Third Party Advisory
-
https://www.exploit-db.com/exploits/44265/
Exploit;Third Party Advisory;VDB Entry
-
https://access.redhat.com/errata/RHSA-2018:1593
Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:1627
Third Party Advisory
Products affected by CVE-2018-1000115
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
- cpe:2.3:a:memcached:memcached:1.5.5:*:*:*:*:*:*:*