CVE-2018-15492

moderate-risk
Published 2018-08-18

A vulnerability in the lservnt.exe component of Sentinel License Manager version 8.5.3.35 (fixed in 8.5.3.2403) causes UDP amplification.

Do I need to act?

-
0.35% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (1)

Sentinel License Manager

Affected Vendors

Gemalto

References (4)

Mitigation https://github.com/mspaling/sentinel-ddos-signature/blob/master/sentinel-ddos-si...
Third Party Advisory https://support.radware.com/app/answers/answer_view/a_id/17879/~/security-adviso...
Mitigation https://github.com/mspaling/sentinel-ddos-signature/blob/master/sentinel-ddos-si...
Third Party Advisory https://support.radware.com/app/answers/answer_view/a_id/17879/~/security-adviso...
32
/ 100
moderate-risk
Severity 26/34 · High
Exploitability 1/34 · Minimal
Exposure 5/34 · Minimal