CVE-2014-0255

Published May 14, 2014

Last updated 3 months ago

CVSS info 5.0

Overview

Description: Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allow remote attackers to cause a denial of service (iSCSI service outage) by sending many crafted packets, aka "iSCSI Target Remote Denial of Service Vulnerability."
Source: secure@microsoft.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:datacenter:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25252F89-6608-4528-84A3-22FF5F4C1B6D"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:enterprise:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BEDE277-49FA-42F2-AA4C-CCDB9AA3C9CA"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:enterprise_x64:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B15F7D7-162C-4C09-9A8B-CE69C7F0D4F6"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:hpc:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF307058-A746-4EC6-A4A2-41D176A33C3E"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:standard:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "143017C2-3D62-4A9B-A7D5-0A14B010D913"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:storage:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00B17DB1-0DF9-4EC3-A6C3-8661EBA40E9C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:web:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D4CD8AF-D604-4C64-B5BE-C52B69A0B601"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:datacenter:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32BCD530-F6E2-4F9B-AD4C-7DF2BED00296"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:essentials:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1318333-EF3A-4DBA-8DD7-367BF843F70D"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:standard:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74B5E7C1-6C1D-4605-91CF-AF105EFA678D"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References