var-201704-0902
Vulnerability from variot
SEIL/x86 Fuji 1.70 to 5.62, SEIL/BPV4 5.00 to 5.62, SEIL/X1 1.30 to 5.62, SEIL/X2 1.30 to 5.62, SEIL/B1 1.00 to 5.62 allows remote attackers to cause a denial of service via specially crafted IPv4 UDP packets. The DNS forwarder, the PPP Access Concentrator (L2TP) and the Measure(iPerf server) function in SEIL Series routers provided by Internet Initiative Japan Inc. contain a denial-of-service (DoS) vulnerability due to a flaw in processing certain packets. Internet Initiative Japan Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Internet Initiative Japan Inc. coordinated under the Information Security Early Warning Partnership.Receiving a specially crafted SSTP packet may result in the device becoming unresponsive. The following products and versions are affected: SEIL/x86 Fuji versions 1.70 to 5.62, SEIL/BPV4 versions 5.00 to 5.62, SEIL/X1 versions 1.30 to 5.62, SEIL/X2 versions 1.30 to 5.62, SEIL/B1 versions 1.00 to 5.62
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0902",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "x1",
"scope": "eq",
"trust": 1.6,
"vendor": "seil",
"version": null
},
{
"model": "bpv 4",
"scope": "eq",
"trust": 1.6,
"vendor": "seil",
"version": null
},
{
"model": "x2",
"scope": "eq",
"trust": 1.6,
"vendor": "seil",
"version": null
},
{
"model": "b1",
"scope": "eq",
"trust": 1.6,
"vendor": "seil",
"version": null
},
{
"model": "x86 fuji",
"scope": "eq",
"trust": 1.6,
"vendor": "seil",
"version": null
},
{
"model": "seil/b1",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "1.00 to 5.62"
},
{
"model": "seil/bpv4",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "5.00 to 5.62"
},
{
"model": "seil/x1",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "1.30 to 5.62"
},
{
"model": "seil/x2",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "1.30 to 5.62"
},
{
"model": "seil/x86 fuji",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "1.70 to 5.62"
},
{
"model": "seil/b1",
"scope": "gte",
"trust": 0.6,
"vendor": "internet initiative",
"version": "1.00,\u003c=5.62"
},
{
"model": "seil/bpv4",
"scope": "gte",
"trust": 0.6,
"vendor": "internet initiative",
"version": "5.00,\u003c=5.62"
},
{
"model": "seil/x1",
"scope": "gte",
"trust": 0.6,
"vendor": "internet initiative",
"version": "1.30,\u003c=5.62"
},
{
"model": "seil/x2",
"scope": "gte",
"trust": 0.6,
"vendor": "internet initiative",
"version": "1.30,\u003c=5.62"
},
{
"model": "seil/x86 fuji",
"scope": "gte",
"trust": 0.6,
"vendor": "internet initiative",
"version": "1.70,\u003c=5.62"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07494"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000071"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-095"
},
{
"db": "NVD",
"id": "CVE-2017-2153"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:iij:seil%2Fb1",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:iij:seil%2Fbpv4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:iij:seil%2Fx1",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:iij:seil%2Fx2",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:iij:seil_x86_fuji",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-000071"
}
]
},
"cve": "CVE-2017-2153",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-2153",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2017-000071",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-07494",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-110356",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-2153",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA",
"availabilityImpact": "Low",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2017-000071",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2153",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2017-000071",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-07494",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201705-095",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-110356",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07494"
},
{
"db": "VULHUB",
"id": "VHN-110356"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000071"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-095"
},
{
"db": "NVD",
"id": "CVE-2017-2153"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SEIL/x86 Fuji 1.70 to 5.62, SEIL/BPV4 5.00 to 5.62, SEIL/X1 1.30 to 5.62, SEIL/X2 1.30 to 5.62, SEIL/B1 1.00 to 5.62 allows remote attackers to cause a denial of service via specially crafted IPv4 UDP packets. The DNS forwarder, the PPP Access Concentrator (L2TP) and the Measure(iPerf server) function in SEIL Series routers provided by Internet Initiative Japan Inc. contain a denial-of-service (DoS) vulnerability due to a flaw in processing certain packets. Internet Initiative Japan Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Internet Initiative Japan Inc. coordinated under the Information Security Early Warning Partnership.Receiving a specially crafted SSTP packet may result in the device becoming unresponsive. The following products and versions are affected: SEIL/x86 Fuji versions 1.70 to 5.62, SEIL/BPV4 versions 5.00 to 5.62, SEIL/X1 versions 1.30 to 5.62, SEIL/X2 versions 1.30 to 5.62, SEIL/B1 versions 1.00 to 5.62",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2153"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000071"
},
{
"db": "CNVD",
"id": "CNVD-2017-07494"
},
{
"db": "VULHUB",
"id": "VHN-110356"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2153",
"trust": 3.1
},
{
"db": "JVN",
"id": "JVN86171513",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000071",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201705-095",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-07494",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-110356",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07494"
},
{
"db": "VULHUB",
"id": "VHN-110356"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000071"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-095"
},
{
"db": "NVD",
"id": "CVE-2017-2153"
}
]
},
"id": "VAR-201704-0902",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07494"
},
{
"db": "VULHUB",
"id": "VHN-110356"
}
],
"trust": 1.162307692
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07494"
}
]
},
"last_update_date": "2024-11-23T22:49:06.914000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Information from Internet Initiative Japan Inc.",
"trust": 0.8,
"url": "http://www.seil.jp/support/security/a01783.html"
},
{
"title": "Patch for Multiple Internet Initiative Japan Product Denial of Service Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/94414"
},
{
"title": "Multiple Internet Initiative Japan Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=69770"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07494"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000071"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-095"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110356"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000071"
},
{
"db": "NVD",
"id": "CVE-2017-2153"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://jvn.jp/en/jp/jvn86171513/index.html"
},
{
"trust": 1.7,
"url": "http://www.seil.jp/support/security/a01783.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2153"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2153"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110356"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000071"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-095"
},
{
"db": "NVD",
"id": "CVE-2017-2153"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-07494"
},
{
"db": "VULHUB",
"id": "VHN-110356"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000071"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-095"
},
{
"db": "NVD",
"id": "CVE-2017-2153"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-07494"
},
{
"date": "2017-04-28T00:00:00",
"db": "VULHUB",
"id": "VHN-110356"
},
{
"date": "2017-04-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-000071"
},
{
"date": "2017-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-095"
},
{
"date": "2017-04-28T16:59:02.060000",
"db": "NVD",
"id": "CVE-2017-2153"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-07494"
},
{
"date": "2017-05-11T00:00:00",
"db": "VULHUB",
"id": "VHN-110356"
},
{
"date": "2017-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-000071"
},
{
"date": "2017-05-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-095"
},
{
"date": "2024-11-21T03:22:59.820000",
"db": "NVD",
"id": "CVE-2017-2153"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-095"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SEIL Series routers vulnerable to denial-of-service (DoS)",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-000071"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-095"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…