CVE-2018-10932 MEDIUM

CVE-2018-10932

Vendor Intel
Product lldptool
Weakness CWE-117
Published August 21, 2018
Last update August 5, 2024

CVSS base score

4.3/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the buffer and impact the behavior of the terminal.

Key dates

02Disclosure timeline

August 21, 2018 CVE published
August 5, 2024 Record updated