Sign-up

ID

VAR-201412-0592


CVE

CVE-2014-7255


TITLE

SEIL Series routers vulnerable to denial-of-service (DoS)

Trust: 0.8

sources: JVNDB: JVNDB-2014-000135

DESCRIPTION

Internet Initiative Japan Inc. SEIL Series routers SEIL/X1 2.50 through 4.62, SEIL/X2 2.50 through 4.62, SEIL/B1 2.50 through 4.62, and SEIL/x86 Fuji 1.70 through 3.22 allow remote attackers to cause a denial of service (CPU and traffic consumption) via a large number of NTP requests within a short time, which causes unnecessary NTP responses to be sent. contain a denial-of-service (DoS) vulnerability due to an issue in processing NTP requests. Note that this vulnerability is different from JVN#04895240.By receiving a large volume of NTP request in a short time, the device might continue sending response packets. As a result, the device's resource may be consumed or the device may be exploited in a DDoS attack. SEIL is a series of router devices. SEIL Series Routers are prone to a remote denial-of-service vulnerability. The following products are vulnerable: SEIL/X1 versions 2.50 through 4.62 SEIL/X2 versions 2.50 through 4.62 SEIL/B1 versions 2.50 through 4.62 SEIL/x86 Fuji versions 1.70 through 3.22. SEIL routers

Trust: 2.52

sources: NVD: CVE-2014-7255 // JVNDB: JVNDB-2014-000135 // CNVD: CNVD-2014-08645 // BID: 71376 // VULHUB: VHN-75200

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-08645

AFFECTED PRODUCTS

vendor:iijmodel:seil b1scope:lteversion:4.62

Trust: 1.0

vendor:iijmodel:seil x86 fujiscope:gteversion:1.70

Trust: 1.0

vendor:iijmodel:seil b1scope:gteversion:2.50

Trust: 1.0

vendor:iijmodel:seil x86 fujiscope:lteversion:3.22

Trust: 1.0

vendor:iijmodel:seil x1scope:gteversion:2.50

Trust: 1.0

vendor:iijmodel:seil x2scope:lteversion:4.62

Trust: 1.0

vendor:iijmodel:seil x1scope:lteversion:4.62

Trust: 1.0

vendor:iijmodel:seil x2scope:gteversion:2.50

Trust: 1.0

vendor:internet initiativemodel:seil/b1scope:eqversion:2.50 to 4.62

Trust: 0.8

vendor:internet initiativemodel:seil/x1scope:eqversion:2.50 to 4.62

Trust: 0.8

vendor:internet initiativemodel:seil/x2scope:eqversion:2.50 to 4.62

Trust: 0.8

vendor:internet initiativemodel:seil/x86 fujiscope:eqversion:1.70 to 3.22

Trust: 0.8

vendor:internet initiativemodel:seil/x1scope:eqversion:2.50-4.62

Trust: 0.6

vendor:internet initiativemodel:seil/x2scope:eqversion:2.50-4.62

Trust: 0.6

vendor:internet initiativemodel:seil/b1scope:eqversion:2.50-4.62

Trust: 0.6

vendor:internet initiativemodel:seil/x86scope:eqversion:1.70-3.22

Trust: 0.6

vendor:iijmodel:seil b1scope:eqversion:3.42

Trust: 0.6

vendor:iijmodel:seil b1scope:eqversion:4.15

Trust: 0.6

vendor:iijmodel:seil b1scope:eqversion:3.41

Trust: 0.6

vendor:iijmodel:seil b1scope:eqversion:4.13

Trust: 0.6

vendor:iijmodel:seil b1scope:eqversion:4.14

Trust: 0.6

vendor:iijmodel:seil b1scope:eqversion:3.39

Trust: 0.6

vendor:iijmodel:seil b1scope:eqversion:4.10

Trust: 0.6

vendor:iijmodel:seil b1scope:eqversion:4.16

Trust: 0.6

vendor:iijmodel:seil b1scope:eqversion:3.40

Trust: 0.6

vendor:iijmodel:seil b1scope:eqversion:3.43

Trust: 0.6

vendor:seilmodel:seil/x2scope:eqversion:3.75

Trust: 0.3

vendor:seilmodel:seil/x2scope:eqversion:3.12

Trust: 0.3

vendor:seilmodel:seil/x2scope:eqversion:3.11

Trust: 0.3

vendor:seilmodel:seil/x2scope:eqversion:2.52

Trust: 0.3

vendor:seilmodel:seil/x2scope:eqversion:2.51

Trust: 0.3

vendor:seilmodel:seil/x2scope:eqversion:2.50

Trust: 0.3

vendor:seilmodel:seil/x1scope:eqversion:3.75

Trust: 0.3

vendor:seilmodel:seil/x1scope:eqversion:3.12

Trust: 0.3

vendor:seilmodel:seil/x1scope:eqversion:3.11

Trust: 0.3

vendor:seilmodel:seil/x1scope:eqversion:2.52

Trust: 0.3

vendor:seilmodel:seil/x1scope:eqversion:2.51

Trust: 0.3

vendor:seilmodel:seil/x1scope:eqversion:2.50

Trust: 0.3

vendor:seilmodel:seil/b1scope:eqversion:3.75

Trust: 0.3

vendor:seilmodel:seil/b1scope:eqversion:3.12

Trust: 0.3

vendor:seilmodel:seil/b1scope:eqversion:3.11

Trust: 0.3

vendor:seilmodel:seil/b1scope:eqversion:2.60

Trust: 0.3

vendor:seilmodel:seil/b1scope:eqversion:2.52

Trust: 0.3

vendor:seilmodel:seil/b1scope:eqversion:2.51

Trust: 0.3

vendor:seilmodel:seil/b1scope:eqversion:2.50

Trust: 0.3

sources: CNVD: CNVD-2014-08645 // BID: 71376 // JVNDB: JVNDB-2014-000135 // CNNVD: CNNVD-201412-033 // NVD: CVE-2014-7255

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-7255
value: HIGH

Trust: 1.0

IPA: JVNDB-2014-000135
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2014-08645
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201412-033
value: HIGH

Trust: 0.6

VULHUB: VHN-75200
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2014-7255
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2014-000135
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2014-08645
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-75200
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2014-7255
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2014-08645 // VULHUB: VHN-75200 // JVNDB: JVNDB-2014-000135 // CNNVD: CNNVD-201412-033 // NVD: CVE-2014-7255

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.1

problemtype:CWE-Other

Trust: 0.8

problemtype:CWE-399

Trust: 0.1

sources: VULHUB: VHN-75200 // JVNDB: JVNDB-2014-000135 // NVD: CVE-2014-7255

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201412-033

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201412-033

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-000135

PATCH
title:Internet Initiative Japan Inc. websiteurl:http://www.seil.jp/support/security/a01510.html
Trust: 0.8
title:Patch for SEIL Series Routers Remote Denial of Service Vulnerability (CNVD-2014-08645)url:https://www.cnvd.org.cn/patchInfo/show/52345
Trust: 0.6
title:Multiple Internet Initiative Japan Inc. SEIL Repair measures of router remote denial of service vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=125321
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-08645 // 
            
            
            
            JVNDB: JVNDB-2014-000135 // 
            
            
            
            CNNVD: CNNVD-201412-033

EXTERNAL IDS
db:NVDid:CVE-2014-7255
Trust: 3.4
db:JVNid:JVN21907573
Trust: 2.8
db:JVNDBid:JVNDB-2014-000135
Trust: 2.5
db:BIDid:71376
Trust: 1.0
db:CNNVDid:CNNVD-201412-033
Trust: 0.7
db:CNVDid:CNVD-2014-08645
Trust: 0.6
db:VULHUBid:VHN-75200
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-08645 // 
            
            
            
            VULHUB: VHN-75200 // 
            
            
            
            BID: 71376 // 
            
            
            
            JVNDB: JVNDB-2014-000135 // 
            
            
            
            CNNVD: CNNVD-201412-033 // 
            
            
            
            NVD: CVE-2014-7255

REFERENCES
url:http://jvn.jp/en/jp/jvn21907573/index.html
Trust: 2.8
url:http://www.seil.jp/support/security/a01510.html
Trust: 1.7
url:http://jvndb.jvn.jp/ja/contents/2014/jvndb-2014-000135.html
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-7255
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-7255
Trust: 0.8
url:http://www.securityfocus.com/bid/71376
Trust: 0.6
url:http://www.seil.jp/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2014-08645 // 
            
            
            
            VULHUB: VHN-75200 // 
            
            
            
            BID: 71376 // 
            
            
            
            JVNDB: JVNDB-2014-000135 // 
            
            
            
            CNNVD: CNNVD-201412-033 // 
            
            
            
            NVD: CVE-2014-7255

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 71376

SOURCES
db:CNVDid:CNVD-2014-08645
db:VULHUBid:VHN-75200
db:BIDid:71376
db:JVNDBid:JVNDB-2014-000135
db:CNNVDid:CNNVD-201412-033
db:NVDid:CVE-2014-7255

LAST UPDATE DATE
2025-04-13T23:31:35.854000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2014-08645date:2014-12-03T00:00:00
db:VULHUBid:VHN-75200date:2020-07-31T00:00:00
db:BIDid:71376date:2014-12-01T00:00:00
db:JVNDBid:JVNDB-2014-000135date:2014-12-09T00:00:00
db:CNNVDid:CNNVD-201412-033date:2020-08-03T00:00:00
db:NVDid:CVE-2014-7255date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2014-08645date:2014-12-03T00:00:00
db:VULHUBid:VHN-75200date:2014-12-05T00:00:00
db:BIDid:71376date:2014-12-01T00:00:00
db:JVNDBid:JVNDB-2014-000135date:2014-12-01T00:00:00
db:CNNVDid:CNNVD-201412-033date:2014-12-02T00:00:00
db:NVDid:CVE-2014-7255date:2014-12-05T17:59:03.993