5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
IBM Security Proventia Network Active Bypass has addressed the following vulnerabilities. ( CVE-2015-8985)
CVEID:CVE-2015-8985**
DESCRIPTION: *glibc is vulnerable to a denial of service, caused by a flaw in the pop_fail_stack function. By using a specially crafted extended regular expression, a remote attacker could cause an assertion failure and application crash.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/126591 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
IBM Security 1G Network Active Bypass firmware version 1.X firmware levels 1.0.849 through 3.30.9-27
IBM Security 10G Network Active Bypass firmware versions 1.x firmware levels 1.0.1876 through 3.30.9-27
Product
| VRMF| Remediation/First Fix
—|—|—
IBM Security Proventia Network Active Bypass| 3.X | Proventia 1G NAB Update 23 (fw 3.30.10-37) IBM Security Proventia Network Active Bypass| 3.X| Proventia 10G NAB Update 20 (fw 3.30.10-37)
For IBM Security Proventia Network Active Bypass products at the following firmware versions:
IBM recommends upgrading to 3.30.10-37, the supported firmware release of the product.
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm security network active bypass | eq | 3.0 |
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P