- Description
- The DataCollector service in EIQ Networks Network Security Analyzer allows remote attackers to cause a denial of service (service crash) via a (1) &CONNECTSERVER& (2) &ADDENTRY& (3) &FIN& (4) &START& (5) &LOGPATH& (6) &FWADELTA& (7) &FWALOG& (8) &SETSYNCHRONOUS& (9) &SETPRGFILE&, or (10) &SETREPLYPORT& string to TCP port 10618, which triggers a NULL pointer dereference.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eiqnetworks:enterprise_security_analyzer:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64376FCB-5116-41F4-9861-FFC98FB4D116"
},
{
"criteria": "cpe:2.3:a:eiqnetworks:enterprise_security_analyzer:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3BAC804-6AC8-4952-A06F-1AAB3A3F93CC"
},
{
"criteria": "cpe:2.3:a:eiqnetworks:enterprise_security_analyzer:2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "44C0744E-BD0D-4035-B29F-6BFA50DD7184"
}
],
"operator": "OR"
}
]
}
]