Lucene search

RedhatCVE-2015-5293

HistoryAug 24, 2017 - 8:29 p.m.

CVE-2015-5293

2017-08-2420:29:00

CWE-284

redhat

web.nvd.nist.gov

red hat

virtualization manager

ipv6

security vulnerability

communication

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

5.8

Confidence

High

EPSS

0.002

Percentile

52.9%

JSON

Red Hat Enterprise Virtualization Manager 3.6 and earlier gives valid SLAAC IPv6 addresses to interfaces when “boot protocol” is set to None, which might allow remote attackers to communicate with a system designated to be unreachable.

Affected configurations

Nvd

Node

redhatenterprise_virtualization_managerRange≤3.6.0

VendorProductVersionCPE
redhatenterprise_virtualization_manager*cpe:2.3:a:redhat:enterprise_virtualization_manager:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
redhat	enterprise_virtualization_manager	*	cpe:2.3:a:redhat:enterprise_virtualization_manager::::::::

References

access.redhat.com/security/cve/CVE-2015-5293

bugzilla.redhat.com/show_bug.cgi?id=1267714

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

5.8

Confidence

High

EPSS

0.002

Percentile

52.9%

JSON

Related for CVE-2015-5293