{
  "threat_severity" : "Low",
  "public_date" : "2015-03-31T00:00:00Z",
  "bugzilla" : {
    "description" : "avahi: Multicast DNS responds to unicast queries outside of local network",
    "id" : "1426712",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1426712"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.8",
    "cvss3_scoring_vector" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
    "status" : "verified"
  },
  "cwe" : "CWE-200",
  "details" : [ "avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.", "A vulnerability was found in Avahi, where the avahi-daemon improperly handles responses to IPv6 unicast queries. A remote attacker could exploit this flaw by sending specially crafted port-5353 UDP packets, potentially causing a denial of service (traffic amplification) or leaking sensitive information." ],
  "statement" : "This vulnerability is rated as low severity because, although it allows a remote attacker to cause a denial of service or amplify traffic through crafted UDP packets and could therefore impact availability, it does not pose a significant risk to system integrity or confidentiality.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2020-03-31T00:00:00Z",
    "advisory" : "RHSA-2020:1176",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "avahi-0:0.6.31-20.el7"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Will not fix",
    "package_name" : "avahi",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Will not fix",
    "package_name" : "avahi",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Will not fix",
    "package_name" : "avahi",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "avahi",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2017-6519\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-6519\nhttps://www.kb.cert.org/vuls/id/550620" ],
  "name" : "CVE-2017-6519",
  "mitigation" : {
    "value" : "Ensure UDP port 5353 is blocked in the firewall, so that mDNS queries from outside the local network do not reach avahi-daemon. In addition, configure the rate-limiting options appropriately for your needs (see the ratelimit-interval-usec and ratelimit-burst options in /etc/avahi/avahi-daemon.conf).",
    "lang" : "en:us"
  },
  "csaw" : false
}