Nginx Vulnerabilities Jul 2017 - Oct 2019
Summary
Symantec SWG products using affected versions of Nginx may be susceptible to multiple Nginx vulnerabilities. A remote attacker can use crafted requests to obtain sensitive information or cause denial of service. An attacker can also obtain sensitive information or cause denial of service by triggering Nginx to stream crafted MP4 files.
Affected Product(s)
| Content Analysis (CA) | ||
| CVE | Supported Version(s) | Remediation |
| CVE-2017-7529 | 2.3 | Upgrade to later release with fixes. |
| 2.4 | Not available at this time | |
| 3.0 | Not vulnerable, fixed in 3.0.1.1 | |
| SSL Visibility (SSLV) | ||
| CVE | Supported Version(s) | Remediation |
| CVE-2017-7529 | 3.10, 3.12 | Upgrade to later release with fixes. |
| 4.5 and later | Not vulnerable, fixed in 4.5.1.1 | |
Additional Product Information
The following products are not vulnerable:
Advanced Secure Gateway (ASG)
AuthConnector
BCAAA
CacheFlow (CF)
Director
General Auth Connector Login Application
Integrated Secure Gateway (ISG)
HSM Agent for the Luna SP
Management Center (MC)
PacketShaper (PS) S-Series
PolicyCenter (PC) S-Series
ProxySG
Reporter
Security Analytics (SA)
Symantec Messaging Gateway (SMG)
Unified Agent
Web Isolation (WI)
WSS Agent
WSS Mobile Agent
X-Series XOS
Issue Details
| CVE-2017-7529 | |
| Severity / CVSS v3.0: | High / 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) |
| References: | NVD: CVE-2017-7529 |
| Impact: | Information disclosure |
| Description: | An integer overflow in the range filter module allows a remote attacker to send crafted requests and obtain sensitive information from the target process memory. |
| CVE-2018-16843 | |
| Severity / CVSS v3.0: | High / 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) |
| References: | NVD: CVE-2018-16843 |
| Impact: | Denial of service |
| Description: | A flaw in the HTTP/2 implementation allows a remote attacker to send crafted requests and cause denial of service through excessive memory consumption. |
| CVE-2018-16844 | |
| Severity / CVSS v3.0: | High / 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) |
| References: | NVD: CVE-2018-16844 |
| Impact: | Denial of service |
| Description: | A flaw in the HTTP/2 implementation allows a remote attacker to send crafted requests and cause denial of service through excessive CPU consumption. |
| CVE-2018-16845 | |
| Severity / CVSS v3.0: | Medium / 6.1 (AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H) |
| References: | NVD: CVE-2018-16845 |
| Impact: | Information disclosure, denial of service |
| Description: | A flaw in the ngx_http_mp4_module allows an attacker to use a crafted MP4 file to obtain sensitive information from the target process memory. The attacker can also cause denial of service through an infinite loop. The attacker needs to trigger nginx to process/stream the crafted MP4 file. |
| CVE-2019-9511 | |
| Severity / CVSS v3.0: | High / 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) |
| References: | NVD: CVE-2019-9511 |
| Impact: | Denial of service |
| Description: | A flaw in the HTTP/2 implementation allows a remote attacker to send crafted requests and cause denial of service through excessive CPU or memory consumption. |
| CVE-2019-9513 | |
| Severity / CVSS v3.0: | High / 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) |
| References: | NVD: CVE-2019-9513 |
| Impact: | Denial of service |
| Description: | A flaw in the HTTP/2 implementation allows a remote attacker to send crafted requests and cause denial of service through excessive CPU consumption. |
| CVE-2019-9516 | |
| Severity / CVSS v3.0: | High / 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) |
| References: | NVD: CVE-2019-9516 |
| Impact: | Denial of service |
| Description: | A flaw in the HTTP/2 implementation allows a remote attacker to send crafted requests and cause denial of service through excessive memory consumption. |
Revisions
2022-06-09 Integrated Secure Gateway (ISG) is not vulnerable.
2021-04-26 PacketShaper (PS) S-Series and PolicyCenter (PC) S-Series are not vulnerable.
2021-02-18 A fix for CA 2.3 will not be provided. Please upgrade to a later version with the vulnerability fixes.
2021-01-12 A fix for SSLV 3.10 and SSLV 3.12 will not be provided. Please upgrade to a later version with the vulnerability fixes.
2020-05-06 initial public release