CVE-2014-7255

Published Dec 5, 2014

Last updated 4 years ago

CVSS high 7.5

Overview

Description: Internet Initiative Japan Inc. SEIL Series routers SEIL/X1 2.50 through 4.62, SEIL/X2 2.50 through 4.62, SEIL/B1 2.50 through 4.62, and SEIL/x86 Fuji 1.70 through 3.22 allow remote attackers to cause a denial of service (CPU and traffic consumption) via a large number of NTP requests within a short time, which causes unnecessary NTP responses to be sent.
Source: vultures@jpcert.or.jp
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-400

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:iij:seil_b1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33C82A0E-1814-42C6-BD5F-E226E9864874",
            "versionEndIncluding": "4.62",
            "versionStartIncluding": "2.50"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:iij:seil_b1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "940A003E-562A-4CA9-9BED-0BE0D5D920AD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:iij:seil_x2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A86E5AB-95E6-437F-B5A8-4B3902AE7555",
            "versionEndIncluding": "4.62",
            "versionStartIncluding": "2.50"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:iij:seil_x2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "16B0262C-DF1A-4A8B-B4D2-CCB9D71EFBFE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:iij:seil_x1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "300949E1-D258-429B-AE2B-0EDF582DB388",
            "versionEndIncluding": "4.62",
            "versionStartIncluding": "2.50"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:iij:seil_x1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A3D0488C-1B4D-439F-BF9F-32582FE940CE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:iij:seil_x86_fuji_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51F8625D-5031-47A2-A606-AEA1F258465F",
            "versionEndIncluding": "3.22",
            "versionStartIncluding": "1.70"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:iij:seil_x86_fuji:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FB961AA2-6D5C-4979-AE8A-80D6D2D48071"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References