CVE-2015-8299

{"id": "CVE-2015-8299", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2017-08-29T15:29:00.580", "references": [{"url": "http://packetstormsecurity.com/files/134524/KNX-ETS-4.1.5-Build-3246-Buffer-Overflow.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://github.com/sbaresearch/advisories/tree/public/2015/knAx_20150101", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://packetstormsecurity.com/files/134524/KNX-ETS-4.1.5-Build-3246-Buffer-Overflow.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/sbaresearch/advisories/tree/public/2015/knAx_20150101", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the Group messages monitor (Falcon) in KNX ETS 4.1.5 (Build 3246) allows remote attackers to execute arbitrary code via a crafted KNXnet/IP UDP packet."}, {"lang": "es", "value": "Existe una vulnerabilidad de desbordamiento de b\u00fafer en el monitor de mensajes de grupo (Falcon) en KNX ETS 4.1.5 (Build 3246) que permite que los atacantes remotos ejecuten c\u00f3digo arbitrario mediante un paquete UDP KNXnet/IP manipulado."}], "lastModified": "2024-11-21T02:38:14.913", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:knx:ets:4.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFC74BE1-42D6-4319-875C-B6B08EA5D528"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}