Lucene search

[email protected]NVD:CVE-2014-7249

HistoryDec 19, 2014 - 11:59 a.m.

CVE-2014-7249

2014-12-1911:59:01

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.013

Percentile

86.0%

JSON

Buffer overflow on the Allied Telesis AR440S, AR441S, AR442S, AR745, AR750S, AR750S-DP, AT-8624POE, AT-8624T/2M, AT-8648T/2SP, AT-8748XL, AT-8848, AT-9816GB, AT-9924T, AT-9924Ts, CentreCOM AR415S, CentreCOM AR450S, CentreCOM AR550S, CentreCOM AR570S, CentreCOM 8700SL, CentreCOM 8948XL, CentreCOM 9924SP, CentreCOM 9924T/4SP, Rapier 48i, and SwitchBlade4000 with firmware before 2.9.1-21 allows remote attackers to execute arbitrary code via a crafted HTTP POST request.

Affected configurations

Nvd

Node

alliedtelesiscentrecom_ar415s_firmwareRange≤2.9.1-20

AND

alliedtelesiscentrecom_ar415s

Node

alliedtelesisat-8624t\/2m_firmwareRange≤2.9.1-20

AND

alliedtelesisat-8624t\/2m

Node

alliedtelesisar442s_firmwareRange≤2.9.1-20

AND

alliedtelesisar442sMatch-

Node

alliedtelesisat-9924t_firmwareRange≤2.9.1-20

AND

alliedtelesisat-9924t

Node

alliedtelesisat-8848_firmwareRange≤2.9.1-20

AND

alliedtelesisat-8848

Node

alliedtelesisrapier_48i_firmwareRange≤2.9.1-20

AND

alliedtelesisrapier_48i

Node

alliedtelesiscentrecom_ar450s_firmwareRange≤2.9.1-20

AND

alliedtelesiscentrecom_ar450s

Node

alliedtelesisar745_firmwareRange≤2.9.1-20

AND

alliedtelesisar745Match-

Node

alliedtelesisar441s_firmwareRange≤2.9.1-20

AND

alliedtelesisar441sMatch-

Node

alliedtelesiscentrecom_9924sp_firmwareRange≤2.9.1-20

AND

alliedtelesiscentrecom_9924sp

Node

alliedtelesisswitchblade4000_firmwareRange≤2.9.1-20

AND

alliedtelesisswitchblade4000

Node

alliedtelesisat-8624poe_firmwareRange≤2.9.1-20

AND

alliedtelesisat-8624poe

Node

alliedtelesiscentrecom_9924t\/4sp_firmwareRange≤2.9.1-20

AND

alliedtelesiscentrecom_9924t\/4sp

Node

alliedtelesisat-9816gb_firmwareRange≤2.9.1-20

AND

alliedtelesisat-9816gb

Node

alliedtelesisat-9924ts_firmwareRange≤2.9.1-20

AND

alliedtelesisat-9924ts

Node

alliedtelesisar750s_firmwareRange≤2.9.1-20

AND

alliedtelesisar750sMatch-

Node

alliedtelesiscentrecom_ar570s_firmwareRange≤2.9.1-20

AND

alliedtelesiscentrecom_ar570s

Node

alliedtelesiscentrecom_8948xl_firmwareRange≤2.9.1-20

AND

alliedtelesiscentrecom_8948xl

Node

alliedtelesisat-8648t\/2sp_firmwareRange≤2.9.1-20

AND

alliedtelesisat-8648t\/2sp

Node

alliedtelesiscentrecom_8700sl_firmwareRange≤2.9.1-20

AND

alliedtelesiscentrecom_ar8700sl

Node

alliedtelesisar750s-dp_firmwareRange≤2.9.1-20

AND

alliedtelesisar750s-dpMatch-

Node

alliedtelesiscentrecom_ar550s_firmwareRange≤2.9.1-20

AND

alliedtelesiscentrecom_ar550s

Node

alliedtelesisat-8748xl_firmwareRange≤2.9.1-20

AND

alliedtelesisat-8748xl

Node

alliedtelesisar440s_firmwareRange≤2.9.1-20

AND

alliedtelesisar440sMatch-

VendorProductVersionCPE
alliedtelesiscentrecom_ar415s_firmware*cpe:2.3:o:alliedtelesis:centrecom_ar415s_firmware:*:*:*:*:*:*:*:*
alliedtelesiscentrecom_ar415s*cpe:2.3:h:alliedtelesis:centrecom_ar415s:*:*:*:*:*:*:*:*
alliedtelesisat-8624t\/2m_firmware*cpe:2.3:o:alliedtelesis:at-8624t\/2m_firmware:*:*:*:*:*:*:*:*
alliedtelesisat-8624t\/2m*cpe:2.3:h:alliedtelesis:at-8624t\/2m:*:*:*:*:*:*:*:*
alliedtelesisar442s_firmware*cpe:2.3:o:alliedtelesis:ar442s_firmware:*:*:*:*:*:*:*:*
alliedtelesisar442s-cpe:2.3:h:alliedtelesis:ar442s:-:*:*:*:*:*:*:*
alliedtelesisat-9924t_firmware*cpe:2.3:o:alliedtelesis:at-9924t_firmware:*:*:*:*:*:*:*:*
alliedtelesisat-9924t*cpe:2.3:h:alliedtelesis:at-9924t:*:*:*:*:*:*:*:*
alliedtelesisat-8848_firmware*cpe:2.3:o:alliedtelesis:at-8848_firmware:*:*:*:*:*:*:*:*
alliedtelesisat-8848*cpe:2.3:h:alliedtelesis:at-8848:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
alliedtelesis	centrecom_ar415s_firmware	*	cpe:2.3:o:alliedtelesis:centrecom_ar415s_firmware::::::::
alliedtelesis	centrecom_ar415s	*	cpe:2.3:h:alliedtelesis:centrecom_ar415s::::::::
alliedtelesis	at-8624t\/2m_firmware	*	cpe:2.3:o:alliedtelesis:at-8624t\/2m_firmware::::::::
alliedtelesis	at-8624t\/2m	*	cpe:2.3:h:alliedtelesis:at-8624t\/2m::::::::
alliedtelesis	ar442s_firmware	*	cpe:2.3:o:alliedtelesis:ar442s_firmware::::::::
alliedtelesis	ar442s	-	cpe:2.3:h:alliedtelesis:ar442s:-:::::::*
alliedtelesis	at-9924t_firmware	*	cpe:2.3:o:alliedtelesis:at-9924t_firmware::::::::
alliedtelesis	at-9924t	*	cpe:2.3:h:alliedtelesis:at-9924t::::::::
alliedtelesis	at-8848_firmware	*	cpe:2.3:o:alliedtelesis:at-8848_firmware::::::::
alliedtelesis	at-8848	*	cpe:2.3:h:alliedtelesis:at-8848::::::::

Rows per page:

1-10 of 481

References

jvn.jp/en/jp/JVN22440986/index.html

jvndb.jvn.jp/jvndb/JVNDB-2014-000132

www.allied-telesis.co.jp/support/list/faq/vuls/20141111aen.html

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.013

Percentile

86.0%

JSON

Related for NVD:CVE-2014-7249

jvn1 cve1 prion1 cvelist1