CVE-2021-4186
Description
Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.128
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2021-4186 are fixed in Wireshark (3.6.0) | Windows |
| Vulnerabilities CVE-2021-4186 are fixed in Wireshark (X64) (3.6.0) | Windows |
| Vulnerabilities CVE-2021-4181,CVE-2021-4182,CVE-2021-4184,CVE-2021-4185,CVE-2021-4186 are fixed in Wireshark 3.4.11 | Windows |
| Vulnerabilities CVE-2021-4181,CVE-2021-4182,CVE-2021-4184,CVE-2021-4185,CVE-2021-4186 are fixed in Wireshark x64 3.4.11 | Windows |
| Vulnerabilities CVE-2021-4186 are fixed in Wireshark x64 3.6.0 | Windows |
| Multiple Vulnerabilities are affected in WireShark For Mac 3.4.10 | Mac |
| SUSE-SU-2022:3309-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) wireshark-3.6.8-150000.3.74.1.x86_64_15_SP3.rpm | Linux |
| SUSE-SU-2022:3309-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) libwsutil13-3.6.8-150000.3.74.1.x86_64_15_SP3.rpm | Linux |
| SUSE-SU-2022:3309-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) libwiretap12-3.6.8-150000.3.74.1.x86_64_15_SP3.rpm | Linux |
| SUSE-SU-2022:3309-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) libwireshark15-3.6.8-150000.3.74.1.x86_64_15_SP3.rpm | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-322524 | Wireshark (3.6.0) |
| PATCH-322525 | Wireshark (X64) (3.6.0) |
| PATCH-323050 | Wireshark (3.6.1) |
| PATCH-323051 | Wireshark (X64) (3.6.1) |
| PATCH-322525 | Wireshark (X64) (3.6.0) |
| PATCH-611905 | WireShark for Mac (Apple Silicon) (4.4.9) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234