CVE-2018-14568

HIGH

Suricata < 4.0.5 - Detection Bypass via TCP RST Handling

Title source: llm
STIX 2.1

Description

Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a server. This allows detection bypass because Windows TCP clients proceed with normal processing of TCP data that arrives shortly after an RST (i.e., they act as if the RST had not yet been received).

References (4)

Core 4
Core References
Exploit, Third Party Advisory x_refsource_misc
https://redmine.openinfosecfoundation.org/issues/2501
Exploit, Third Party Advisory x_refsource_misc
https://github.com/kirillwow/ids_bypass

Scores

CVSS v3 7.5
EPSS 0.0200
EPSS Percentile 78.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

Status published
Products (1)
suricata-ids/suricata < 4.0.5
Published Jul 23, 2018
Tracked Since Feb 18, 2026