CVE-2021-22191
Description
Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.272
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerability CVE-2021-22191 are affected in Wireshark 3.4.3 | Windows |
| Vulnerabilities CVE-2021-22191 are affected in WireShark For Mac 3.2.11-rc0 | Mac |
| Vulnerabilities CVE-2021-22191 are affected in WireShark For Mac 3.4.3 | Mac |
| SUSE-SU-2021:2125-1(SUSE Linux Enterprise Module for Desktop Applications 15-SP3 ) libsbc1-1.3-3.2.1.x86_64.rpm | Linux |
| SUSE-SU-2021:2125-1(SUSE Linux Enterprise Module for Desktop Applications 15-SP3 ) sbc-devel-1.3-3.2.1.x86_64.rpm | Linux |
| SUSE-SU-2021:2125-1(SUSE Linux Enterprise Module for Desktop Applications 15-SP3 ) sbc-debuginfo-1.3-3.2.1.x86_64.rpm | Linux |
| SUSE-SU-2021:2125-1(SUSE Linux Enterprise Module for Desktop Applications 15-SP3 ) sbc-debugsource-1.3-3.2.1.x86_64.rpm | Linux |
| SUSE-SU-2021:2125-1(SUSE Linux Enterprise Module for Desktop Applications 15-SP3 ) libsbc1-debuginfo-1.3-3.2.1.x86_64.rpm | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-338541 | Wireshark (3.6.24) |
| PATCH-611905 | WireShark for Mac (Apple Silicon) (4.4.9) |
| PATCH-611905 | WireShark for Mac (Apple Silicon) (4.4.9) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234