ID
VAR-201908-0256
CVE
CVE-2019-9582
TITLE
eQ-3 Homematic CCU2 Vulnerable to resource exhaustion
Trust: 0.8
DESCRIPTION
eQ-3 Homematic CCU2 outdated base software packages allows Denial of Service. CCU2 affected versions: 2.35.16, 2.41.5, 2.41.8, 2.41.9, 2.45.6, 2.45.7, 2.47.10, 2.47.12, 2.47.15. eQ-3 Homematic CCU2 Contains a resource exhaustion vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. eQ-3 HomeMatic CCU2 is a central control unit of a smart home system produced by German eQ-3 company. A resource management error vulnerability exists in the eQ-3 Homematic CCU2. An attacker could exploit this vulnerability to cause a denial of service
Trust: 1.71
AFFECTED PRODUCTS
| vendor: | eq 3 | model: | homematic ccu2 | scope: | eq | version: | 2.41.8 | Trust: 1.0 |
| vendor: | eq 3 | model: | homematic ccu2 | scope: | eq | version: | 2.45.6 | Trust: 1.0 |
| vendor: | eq 3 | model: | homematic ccu2 | scope: | eq | version: | 2.47.10 | Trust: 1.0 |
| vendor: | eq 3 | model: | homematic ccu2 | scope: | eq | version: | 2.41.5 | Trust: 1.0 |
| vendor: | eq 3 | model: | homematic ccu2 | scope: | eq | version: | 2.45.7 | Trust: 1.0 |
| vendor: | eq 3 | model: | homematic ccu2 | scope: | eq | version: | 2.41.9 | Trust: 1.0 |
| vendor: | eq 3 | model: | homematic ccu2 | scope: | eq | version: | 2.47.15 | Trust: 1.0 |
| vendor: | eq 3 | model: | homematic ccu2 | scope: | eq | version: | 2.35.16 | Trust: 1.0 |
| vendor: | eq 3 | model: | homematic ccu2 | scope: | eq | version: | 2.47.12 | Trust: 1.0 |
| vendor: | eq 3 | model: | ccu2 | scope: | eq | version: | 2.35.16 | Trust: 0.8 |
| vendor: | eq 3 | model: | ccu2 | scope: | eq | version: | 2.41.5 | Trust: 0.8 |
| vendor: | eq 3 | model: | ccu2 | scope: | eq | version: | 2.41.8 | Trust: 0.8 |
| vendor: | eq 3 | model: | ccu2 | scope: | eq | version: | 2.41.9 | Trust: 0.8 |
| vendor: | eq 3 | model: | ccu2 | scope: | eq | version: | 2.45.6 | Trust: 0.8 |
| vendor: | eq 3 | model: | ccu2 | scope: | eq | version: | 2.45.7 | Trust: 0.8 |
| vendor: | eq 3 | model: | ccu2 | scope: | eq | version: | 2.47.10 | Trust: 0.8 |
| vendor: | eq 3 | model: | ccu2 | scope: | eq | version: | 2.47.12 | Trust: 0.8 |
| vendor: | eq 3 | model: | ccu2 | scope: | eq | version: | 2.47.15 | Trust: 0.8 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | NVD-CWE-noinfo | Trust: 1.0 |
| problemtype: | CWE-400 | Trust: 0.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
resource management error
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | Top Page | url: | https://www.eq-3.com/ | Trust: 0.8 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2019-9582 | Trust: 2.5 |
| db: | JVNDB | id: | JVNDB-2019-008360 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201908-1077 | Trust: 0.7 |
| db: | VULHUB | id: | VHN-161017 | Trust: 0.1 |
REFERENCES
| url: | https://github.com/psytester/psytester.github.io/blob/master/_posts/hacking_and_pentests/cves/2019-03-27-cve-2019-9582.md | Trust: 2.5 |
| url: | https://psytester.github.io/cve-2019-9582/ | Trust: 1.7 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2019-9582 | Trust: 1.4 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9582 | Trust: 0.8 |
SOURCES
| db: | VULHUB | id: | VHN-161017 |
| db: | JVNDB | id: | JVNDB-2019-008360 |
| db: | CNNVD | id: | CNNVD-201908-1077 |
| db: | NVD | id: | CVE-2019-9582 |
LAST UPDATE DATE
2024-11-23T22:16:55.921000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-161017 | date: | 2020-08-24T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-008360 | date: | 2019-08-29T00:00:00 |
| db: | CNNVD | id: | CNNVD-201908-1077 | date: | 2020-08-25T00:00:00 |
| db: | NVD | id: | CVE-2019-9582 | date: | 2024-11-21T04:51:54.033 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-161017 | date: | 2019-08-14T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-008360 | date: | 2019-08-29T00:00:00 |
| db: | CNNVD | id: | CNNVD-201908-1077 | date: | 2019-08-14T00:00:00 |
| db: | NVD | id: | CVE-2019-9582 | date: | 2019-08-14T20:15:11.727 |