Lucene search

[email protected]NVD:CVE-2015-7256

HistorySep 28, 2017 - 1:29 a.m.

CVE-2015-7256

2017-09-2801:29:00

CWE-310

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.3%

JSON

ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000, SBG3300-NB00, and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z, Q1000, FR1000Z, and P8702N project models use non-unique X.509 certificates and SSH host keys.

Affected configurations

NVD

Node

zyxelnwa1100-n_firmwareMatch-

AND

zyxelnwa1100-nMatch-

Node

zyxelnwa1100-nh_firmwareMatch-

AND

zyxelnwa1100-nhMatch-

Node

zyxelnwa1121-ni_firmwareMatch-

AND

zyxelnwa1121-niMatch-

Node

zyxelnwa1123-ac_firmwareMatch-

AND

zyxelnwa1123-acMatch-

Node

zyxelnwa1123-ni_firmwareMatch-

AND

zyxelnwa1123-niMatch-

Node

zyxelp-660hn-51_firmwareMatch-

AND

zyxelp-660hn-51Match-

Node

zyxelp-663hn-51_firmwareMatch-

AND

zyxelp-663hn-51Match-

Node

zyxelvmg1312-b10a_firmwareMatch-

AND

zyxelvmg1312-b10aMatch-

Node

zyxelvmg1312-b30a_firmwareMatch-

AND

zyxelvmg1312-b30aMatch-

Node

zyxelvmg1312-b30b_firmwareMatch-

AND

zyxelvmg1312-b30bMatch-

Node

zyxelvmg4380-b10a_firmwareMatch-

AND

zyxelvmg4380-b10aMatch-

Node

zyxelvmg8324-b10a_firmwareMatch-

AND

zyxelvmg8324-b10aMatch-

Node

zyxelvmg8924-b10a_firmwareMatch-

AND

zyxelvmg8924-b10aMatch-

Node

zyxelvmg8924-b30a_firmwareMatch-

AND

zyxelvmg8924-b30aMatch-

Node

zyxelvsg1435-b101_firmwareMatch-

AND

zyxelvsg1435-b101Match-

Node

zyxelpmg5318-b20a_firmwareMatch-

AND

zyxelpmg5318-b20aMatch-

Node

zyxelsbg3300-n000_firmwareMatch-

AND

zyxelsbg3300-n000Match-

Node

zyxelsbg3300-nb00_firmwareMatch-

AND

zyxelsbg3300-nb00Match-

Node

zyxelsbg3500-n000_firmwareMatch-

AND

zyxelsbg3500-n000Match-

Node

zyxelgs1900-8_firmwareMatch-

AND

zyxelgs1900-8Match-

Node

zyxelgs1900-24_firmwareMatch-

AND

zyxelgs1900-24Match-

Node

zyxelc1000z_firmwareMatch-

AND

zyxelc1000zMatch-

Node

zyxelq1000_firmwareMatch-

AND

zyxelq1000Match-

Node

zyxelfr1000z_firmwareMatch-

AND

zyxelfr1000zMatch-

Node

zyxelp8702n_firmwareMatch-

AND

zyxelp8702nMatch-

References

www.kb.cert.org/vuls/id/566724

www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.3%

JSON

Related for NVD:CVE-2015-7256

cvelist1 cve1 prion1 nessus2 cert1 openvas2