CVE-2015-5401

Teradata Gateway before 15.00.03.02-1 and 15.10.x before 15.10.00.01-1 and TD Express before 15.00.02.08_Sles10 and 15.00.02.08_Sles11 allow remote attackers to cause a denial of service (database crash) via a malformed CONFIG REQUEST message.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
VendorProductVersion
teradatateradata_express
15.00.00
teradatateradata_express
15.10.00
teradatateradata_gateway
𝑥
≤ 15.00.02.08
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.fortiguard.com/advisory/FG-VD-15-038/
http://www.securitytracker.com/id/1033005
https://blog.fortinet.com/2015/07/23/teradata-vulnerability-announced-big-potential-headaches-for-big-data-solution
http://www.fortiguard.com/advisory/FG-VD-15-038/
http://www.securitytracker.com/id/1033005
https://blog.fortinet.com/2015/07/23/teradata-vulnerability-announced-big-potential-headaches-for-big-data-solution