Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMEFBAE115200F541965C87F131839BC2A215E7E16869C38A30DDC7E69401C200B
HistorySep 23, 2021 - 1:31 a.m.

Security Bulletin: Vulnerabilities in net-snmp affect Power Hardware Management Console (CVE-2014-3565)

2021-09-2301:31:39
www.ibm.com
12

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.093 Low

EPSS

Percentile

93.8%

JSON

Summary

net-snmp is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs.

Vulnerability Details

CVEID: CVE-2014-3565
DESCRIPTION: Net-SNMP is vulnerable to a denial of service, caused by the improper handling of SNMP traps when started with the “-OQ” option. By sending an SNMP trap message containing a variable with a NULL type, a remote attacker could exploit this vulnerability to cause snmptrapd to crash.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/95638 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Affected Products and Versions

Power HMC V7.3.0.0
Power HMC V7.8.0.0
Power HMC V7.9.0.0
Power HMC V8.1.0.0
Power HMC V8.2.0.0
Power HMC V8.3.0.0

Remediation/Fixes

The following fixes are available on IBM Fix Central

Product

|

VRMF

|

APAR

|

Remediation/Fix

—|—|—|—

Power HMC

|

V7.730.0 SP1

|

MB03964

|

Apply eFix MH01569

Power HMC

|

V7.780.0 SP1

|

MB03965

|

Apply eFix MH01570

Power HMC

|

V7.790.0 SP1

|

MB03966

|

Apply eFix MH01571

Power HMC

|

V8.8.1.0 SP2

|

MB03967

|

Apply eFix MH01572

Power HMC

|

V8.8.2.0 SP2

|

MB03968

|

Apply eFix MH01573

Power HMC

|

V8.8.3.0 SP1

|

MB03969

|

Apply eFix MH01574

Workarounds and Mitigations

None

Related

ibm 11
nessus 23
oraclelinux 2
openvas 11
securityvulns 6
freebsd 1
debiancve 1
gentoo 1
veracode 1
f5 2
fedora 3
centos 2
redhat 2
mageia 1
prion 1
ubuntucve 1
cve 1
cloudfoundry 1
ubuntu 1
ibm
ibm
Security Bulletin: Vulnerability in Net-SNMP affects PowerKVM (CVE-2014-3565)
2018-06-18 01:30:37
Security Bulletin: A vulnerability in net-snmp affects IBM Security Network Intrusion Prevention System (CVE-2014-3565)
2022-02-23 19:48:26
Security Bulletin: A vulnerability in net-snmp affects IBM Security Network Protection (CVE-2014-3565)
2018-06-16 21:30:23
nessus
nessus
CentOS 7 : net-snmp (CESA-2015:2345)
2015-12-02 00:00:00
FreeBSD : net-snmp -- snmptrapd crash (4622635f-37a1-11e5-9970-14dae9d210b8)
2015-08-03 00:00:00
CentOS 6 : net-snmp (CESA-2015:1385)
2015-07-28 00:00:00
oraclelinux
oraclelinux
net-snmp security and bug fix update
2015-11-23 00:00:00
net-snmp security and bug fix update
2015-07-28 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2015-2345)
2015-11-24 00:00:00
Oracle: Security Advisory (ELSA-2015-1385)
2015-10-06 00:00:00
Fedora Update for net-snmp FEDORA-2014-10099
2014-09-11 00:00:00
securityvulns
securityvulns
[ MDVSA-2014:184 ] net-snmp
2014-09-29 00:00:00
[USN-2711-1] Net-SNMP vulnerabilities
2015-08-24 00:00:00
snmplib / snmpd DoS
2015-04-20 00:00:00
freebsd
freebsd
net-snmp -- snmptrapd crash
2014-07-31 00:00:00
debiancve
debiancve
CVE-2014-3565
2014-10-07 14:55:00
gentoo
gentoo
SNMP: Denial of service
2015-07-10 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:06:52
f5
f5
K17315 : SNMP vulnerability CVE-2014-3565
2015-09-29 00:00:00
SOL17315 - SNMP vulnerability CVE-2014-3565
2015-09-28 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: net-snmp-5.7.2-15.fc19
2014-09-10 13:27:10
[SECURITY] Fedora 20 Update: net-snmp-5.7.2-18.fc20
2014-09-09 22:10:31
[SECURITY] Fedora 21 Update: net-snmp-5.7.2-23.fc21
2014-09-23 05:00:09
centos
centos
net security update
2015-07-26 14:12:35
net security update
2015-11-30 19:45:16
redhat
redhat
(RHSA-2015:2345) Moderate: net-snmp security and bug fix update
2015-11-19 13:36:48
(RHSA-2015:1385) Moderate: net-snmp security and bug fix update
2015-07-22 00:00:00
mageia
mageia
Updated net-snmp packages fix CVE-2014-3565
2014-09-05 13:07:37
prion
prion
Design/Logic Flaw
2014-10-07 14:55:00
ubuntucve
ubuntucve
CVE-2014-3565
2014-10-07 00:00:00
cve
cve
CVE-2014-3565
2014-10-07 14:55:00
cloudfoundry
cloudfoundry
USN-2711-1 Net-SNMP Vulnerabilities | Cloud Foundry
2015-10-07 00:00:00
ubuntu
ubuntu
Net-SNMP vulnerabilities
2015-08-17 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.093 Low

EPSS

Percentile

93.8%

JSON
Related for EFBAE115200F541965C87F131839BC2A215E7E16869C38A30DDC7E69401C200B
ibm11nessus23oraclelinux2openvas11securityvulns6freebsd1debiancve1gentoo1veracode1f52fedora3centos2redhat2mageia1prion1ubuntucve1cve1cloudfoundry1ubuntu1