mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-29 05:56:17 +00:00
220 lines
6.3 KiB
JSON
220 lines
6.3 KiB
JSON
{
|
|
"id": "CVE-2014-7255",
|
|
"sourceIdentifier": "vultures@jpcert.or.jp",
|
|
"published": "2014-12-05T17:59:03.993",
|
|
"lastModified": "2020-07-31T11:13:20.827",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Internet Initiative Japan Inc. SEIL Series routers SEIL/X1 2.50 through 4.62, SEIL/X2 2.50 through 4.62, SEIL/B1 2.50 through 4.62, and SEIL/x86 Fuji 1.70 through 3.22 allow remote attackers to cause a denial of service (CPU and traffic consumption) via a large number of NTP requests within a short time, which causes unnecessary NTP responses to be sent."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Los routers de la serie Internet Initiative Japan Inc. SEIL SEIL/X1 2.50 hasta 4.62, SEIL/X2 2.50 hasta 4.62, SEIL/B1 2.50 hasta 4.62, y SEIL/x86 Fuji 1.70 hasta 3.22 permiten a atacantes remotos causar una denegaci\u00f3n de saervicio (consumo de CPU y trafico) a trav\u00e9s de un n\u00famero grande de solicitudes NTP dentro de un tiempo corto, lo que causa el env\u00edo de respuestas NTP innecesarias."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.5,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 3.6
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 5.0
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-400"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:iij:seil_b1_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "2.50",
|
|
"versionEndIncluding": "4.62",
|
|
"matchCriteriaId": "33C82A0E-1814-42C6-BD5F-E226E9864874"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:iij:seil_b1:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "940A003E-562A-4CA9-9BED-0BE0D5D920AD"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:iij:seil_x2_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "2.50",
|
|
"versionEndIncluding": "4.62",
|
|
"matchCriteriaId": "0A86E5AB-95E6-437F-B5A8-4B3902AE7555"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:iij:seil_x2:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "16B0262C-DF1A-4A8B-B4D2-CCB9D71EFBFE"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:iij:seil_x1_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "2.50",
|
|
"versionEndIncluding": "4.62",
|
|
"matchCriteriaId": "300949E1-D258-429B-AE2B-0EDF582DB388"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:iij:seil_x1:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A3D0488C-1B4D-439F-BF9F-32582FE940CE"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:iij:seil_x86_fuji_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "1.70",
|
|
"versionEndIncluding": "3.22",
|
|
"matchCriteriaId": "51F8625D-5031-47A2-A606-AEA1F258465F"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:iij:seil_x86_fuji:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FB961AA2-6D5C-4979-AE8A-80D6D2D48071"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://jvn.jp/en/jp/JVN21907573/index.html",
|
|
"source": "vultures@jpcert.or.jp",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000135.html",
|
|
"source": "vultures@jpcert.or.jp",
|
|
"tags": [
|
|
"Third Party Advisory",
|
|
"VDB Entry"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.seil.jp/support/security/a01510.html",
|
|
"source": "vultures@jpcert.or.jp",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |