Refine your search

1 vulnerability found for Shadankun Server Security Type by Cyber Security Cloud , Inc.

jvndb-2020-000060
Vulnerability from jvndb
Published
2020-08-31 14:41
Modified
2020-08-31 14:41
Severity ?
5.3 (Medium) - cvssV3_0 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
"Shadankun Server Security Type" vulnerable to denial-of-service (DoS)
Details
"Shadankun Server Security Type" provided by Cyber Security Cloud , Inc. contains a denial-of-service (DoS) vulnerability. When "Rule id"s assigned by the product's internal script overlap, it would not be able to add newly detected attack source IP addresses as the blocking targets (CWE-703). The overlaps of "Rule id"s occur under following conditions: * When multiple attack requests are sent from a large number of source IP addresses in under 10 microseconds * When attack requests from more than one source IP addresses occurred at the same time by the minute/10 microsecond to 100 millisecond units, but different time by the second
References
Impacted products
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-000060.html",
  "dc:date": "2020-08-31T14:41+09:00",
  "dcterms:issued": "2020-08-31T14:41+09:00",
  "dcterms:modified": "2020-08-31T14:41+09:00",
  "description": "\"Shadankun Server Security Type\" provided by Cyber Security Cloud , Inc. contains a denial-of-service (DoS) vulnerability. When \"Rule id\"s assigned by the product\u0027s internal script overlap, it would not be able to add newly detected attack source IP addresses as the blocking targets (CWE-703).\r\n\r\n The overlaps of \"Rule id\"s occur under following conditions: \r\n* When multiple attack requests are sent from a large number of source IP addresses in under 10 microseconds\r\n* When attack requests from more than one source IP addresses occurred at the same time by the minute/10 microsecond to 100 millisecond units, but different time by the second",
  "link": "https://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-000060.html",
  "sec:cpe": {
    "#text": "cpe:/a:shadan-kun:server_security_type",
    "@product": "Shadankun Server Security Type",
    "@vendor": "Cyber Security Cloud , Inc.",
    "@version": "2.2"
  },
  "sec:cvss": [
    {
      "@score": "5.0",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
      "@version": "2.0"
    },
    {
      "@score": "5.3",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2020-000060",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN42665874/index.html",
      "@id": "JVN#42665874",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5622",
      "@id": "CVE-2020-5622",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2020-5622",
      "@id": "CVE-2020-5622",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "\"Shadankun Server Security Type\" vulnerable to denial-of-service (DoS)"
}