CVE-2014-2852

Published Apr 14, 2014

Last updated 3 months ago

CVSS info 5.0

Overview

Description: OpenAFS before 1.6.7 delays the listen thread when an RXS_CheckResponse fails, which allows remote attackers to cause a denial of service (performance degradation) via an invalid packet.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "555DA1F4-5AE1-444C-B9F0-D19959AAC66D",
            "versionEndIncluding": "1.6.6"
          },
          {
            "criteria": "cpe:2.3:a:openafs:openafs:1.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8A71A1B-DCDC-4E72-9C46-49919E4F372C"
          },
          {
            "criteria": "cpe:2.3:a:openafs:openafs:1.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7150CE0E-A1EC-41EB-AD71-5B6C87289EEB"
          },
          {
            "criteria": "cpe:2.3:a:openafs:openafs:1.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7EEFFEE0-C867-40F1-93F4-239EF1C6E2AF"
          },
          {
            "criteria": "cpe:2.3:a:openafs:openafs:1.6.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBD16CAA-1DF0-4BFC-AB76-AD06329080D1"
          },
          {
            "criteria": "cpe:2.3:a:openafs:openafs:1.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3AC2FFCF-BC84-43FF-8162-C796D3E43317"
          },
          {
            "criteria": "cpe:2.3:a:openafs:openafs:1.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47FED822-5D5F-4299-9E17-865F9ADDCB09"
          },
          {
            "criteria": "cpe:2.3:a:openafs:openafs:1.6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FED301E1-B19C-49D7-AF5D-20301BA53E60"
          },
          {
            "criteria": "cpe:2.3:a:openafs:openafs:1.6.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA403EE6-31FB-47A3-BDBE-72A4277A4EC9"
          },
          {
            "criteria": "cpe:2.3:a:openafs:openafs:1.6.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58385FBA-632C-49B4-8AD0-9B3585845955"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References