CVE-2015-7770

Dell SonicWall TotalSecure TZ 100 devices with firmware before 5.9.1.0-22o allow remote attackers to cause a denial of service via a crafted packet.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://jvn.jp/en/jp/JVN90135579/index.html	Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000176	Vendor Advisory
http://www.securitytracker.com/id/1034092
http://jvn.jp/en/jp/JVN90135579/index.html	Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000176	Vendor Advisory
http://www.securitytracker.com/id/1034092

Configurations

Configuration 1 (hide)

cpe:2.3:o:dell:sonicwall_totalsecure_tz_100_firmware:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:37

Type	Values Removed	Values Added
References	~~() http://jvn.jp/en/jp/JVN90135579/index.html - Vendor Advisory~~	() http://jvn.jp/en/jp/JVN90135579/index.html - Vendor Advisory
References	~~() http://jvndb.jvn.jp/jvndb/JVNDB-2015-000176 - Vendor Advisory~~	() http://jvndb.jvn.jp/jvndb/JVNDB-2015-000176 - Vendor Advisory
References	~~() http://www.securitytracker.com/id/1034092 -~~	() http://www.securitytracker.com/id/1034092 -

Information

Published : 2015-11-06 11:59

Updated : 2024-11-21 02:37

NVD link : CVE-2015-7770

Mitre link : CVE-2015-7770

CVE.ORG link : CVE-2015-7770

JSON object : View

Products Affected

dell

sonicwall_totalsecure_tz_100_firmware

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2015-7770", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-11-06T11:59:05.807", "references": [{"url": "http://jvn.jp/en/jp/JVN90135579/index.html", "tags": ["Vendor Advisory"], "source": "vultures@jpcert.or.jp"}, {"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000176", "tags": ["Vendor Advisory"], "source": "vultures@jpcert.or.jp"}, {"url": "http://www.securitytracker.com/id/1034092", "source": "vultures@jpcert.or.jp"}, {"url": "http://jvn.jp/en/jp/JVN90135579/index.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000176", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1034092", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Dell SonicWall TotalSecure TZ 100 devices with firmware before 5.9.1.0-22o allow remote attackers to cause a denial of service via a crafted packet."}, {"lang": "es", "value": "La configuraci\u00f3n por defecto de sshd_config en Cisco Mobility Services Engine (MSE) hasta la versi\u00f3n 8.0.120.7 permite inicios de sesi\u00f3n mediante la cuenta oracle, lo que hace que sea m\u00e1s f\u00e1cil para atacantes remotos obtener acceso mediante la introducci\u00f3n de la contrase\u00f1a embebida de esta cuenta en una sesi\u00f3n SSH, tambi\u00e9n conocido como Bug ID CSCuv40501."}], "lastModified": "2024-11-21T02:37:22.537", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:sonicwall_totalsecure_tz_100_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38AD68D6-1FD2-4B4C-9404-118C6323DB01", "versionEndIncluding": "5.9.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "vultures@jpcert.or.jp"}