CVE-2018-1000115

Memcached 1.5.5 - 'Memcrashed' Insufficient Control Network Message Volume Denial of Service

Severity Score

7.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.

Memcached 1.5.5 contiene una vulnerabilidad de control insuficiente de volumen de mensaje de red (amplificación de red, CWE-406) en el soporte UDP del servidor memcached que puede resultar en una denegación de servicio (DoS) mediante una inundación de red (fuentes fiables reportan una amplificación de tráfico de 1:50.000). Este ataque parece ser explotable mediante conectividad de red en el puerto UDP 11211. Parece ser que esta vulnerabilidad se ha solucionado en la versión 1.5.6 debido a que se deshabilita por defecto el protocolo UDP.

It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service (DDoS) attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causing it to send a significantly larger response to the target.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2018-03-05 CVE Reserved
2018-03-05 CVE Published
2024-08-05 CVE Updated
2024-08-05 First Exploit
2024-10-06 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-400: Uncontrolled Resource Consumption

CAPEC

References (18)

URL	Tag	Source
https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html	Third Party Advisory
https://github.com/memcached/memcached/issues/348	Issue Tracking
https://github.com/memcached/memcached/wiki/ReleaseNotes156	Third Party Advisory
https://twitter.com/dormando/status/968579781729009664	Third Party Advisory
https://www.synology.com/support/security/Synology_SA_18_07	Third Party Advisory
https://blog.cloudflare.com/memcrashed-major-amplification-attacks-from-port-11211

URL	Date	SRC
https://www.exploit-db.com/exploits/44264	2024-08-05
https://www.exploit-db.com/exploits/44265	2024-08-05

URL	Date	SRC
https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974	2021-08-04

URL	Date	SRC
https://access.redhat.com/errata/RHBA-2018:2140	2021-08-04
https://access.redhat.com/errata/RHSA-2018:1593	2021-08-04
https://access.redhat.com/errata/RHSA-2018:1627	2021-08-04
https://access.redhat.com/errata/RHSA-2018:2331	2021-08-04
https://access.redhat.com/errata/RHSA-2018:2857	2021-08-04
https://usn.ubuntu.com/3588-1	2021-08-04
https://www.debian.org/security/2018/dsa-4218	2021-08-04
https://access.redhat.com/security/cve/CVE-2018-1000115	2018-10-02
https://bugzilla.redhat.com/show_bug.cgi?id=1551182	2018-10-02

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Memcached Search vendor "Memcached"		Memcached Search vendor "Memcached" for product "Memcached"				1.5.5 Search vendor "Memcached" for product "Memcached" and version "1.5.5"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04"		lts		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04"		lts		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				17.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "17.10"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0"		-		Affected
Redhat Search vendor "Redhat"		Openstack Search vendor "Redhat" for product "Openstack"				8 Search vendor "Redhat" for product "Openstack" and version "8"		-		Affected
Redhat Search vendor "Redhat"		Openstack Search vendor "Redhat" for product "Openstack"				9 Search vendor "Redhat" for product "Openstack" and version "9"		-		Affected
Redhat Search vendor "Redhat"		Openstack Search vendor "Redhat" for product "Openstack"				10 Search vendor "Redhat" for product "Openstack" and version "10"		-		Affected
Redhat Search vendor "Redhat"		Openstack Search vendor "Redhat" for product "Openstack"				11 Search vendor "Redhat" for product "Openstack" and version "11"		-		Affected
Redhat Search vendor "Redhat"		Openstack Search vendor "Redhat" for product "Openstack"				12 Search vendor "Redhat" for product "Openstack" and version "12"		-		Affected