CVE-2018-20034
Description
A denial of service vulnerability in FlexNet Publisher lmgrd and vendor daemon allows remote attackers to stop heartbeat and shut down the vendor daemon.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A denial of service vulnerability in FlexNet Publisher lmgrd and vendor daemon allows remote attackers to stop heartbeat and shut down the vendor daemon.
Vulnerability
A Denial of Service vulnerability exists in FlexNet Publisher version 11.16.1.0 and earlier. The flaw occurs in the lmgrd and vendor daemon components when processing a specific combination of messages related to adding an item to a list, causing the heartbeat between lmgrd and the vendor daemon to stop.
Exploitation
An attacker can send a crafted combination of messages remotely without authentication. The attack does not require any special privileges or user interaction. The attacker must be able to communicate with the lmgrd or vendor daemon network service.
Impact
Successful exploitation causes the vendor daemon to shut down, resulting in a denial of service. This prevents legitimate users from obtaining licenses managed by FlexNet Publisher.
Mitigation
Flexera has not released a patch as of the publication date (2019-03-21). Users should upgrade to a version newer than 11.16.1.0 if available, or apply network access controls to limit exposure to trusted hosts only [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <=11.16.1.0
- Flexera Software LLC/FlexNet Publisherv5Range: 11.16.1.0 and earlier
Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
3- www.securityfocus.com/bid/109155mitrevdb-entryx_refsource_BID
- secuniaresearch.flexerasoftware.com/advisories/85979/mitrex_refsource_CONFIRM
- www.oracle.com/security-alerts/cpuoct2021.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.