Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-7266

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2014-7266
Last Modified 02 Feb 2015 05:50:50
Published 01 Feb 2015 10:59:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-7266

Summary

Algorithmic complexity vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x through 3.1.2 allows remote attackers to cause a denial of service (CPU consumption) via vectors that trigger colliding hash-table keys. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1983.

Vulnerable Systems

Application

  • Cybozu Remote Service Manager 2.3.0

  • Cybozu Remote Service Manager 3.1.0

  • Cybozu Remote Service Manager 3.1.1

  • Cybozu Remote Service Manager 3.1.2


References

CONFIRM - https://cs.cybozu.co.jp/2015/001245.html

JVNDB - JVNDB-2015-000001

JVN - JVN#13566542


Last Updated: 27 May 2016 11:07:39