Details of VAR-201507-0371

ID

VAR-201507-0371

CVE

CVE-2015-4228

TITLE

Cisco Digital Content Manager Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-003352

DESCRIPTION

Cisco Digital Content Manager (DCM) 15.0.0 might allow remote ad servers to cause a denial of service (reboot) via malformed ad messages, aka Bug ID CSCur13999. Attackers can exploit this issue to cause denial-of-service conditions. This issue is being tracked by Cisco Bug ID CSCur13999. A security vulnerability exists in Cisco DCM version 15.0.0

Trust: 2.07

sources: NVD: CVE-2015-4228 // JVNDB: JVNDB-2015-003352 // BID: 75529 // VULHUB: VHN-82189 // VULMON: CVE-2015-4228

AFFECTED PRODUCTS

vendor:	cisco	model:	digital content manager	scope:	eq	version:	15.0.0	Trust: 2.4
vendor:	cisco	model:	digital content manager software	scope:	eq	version:	15.0	Trust: 0.3

sources: BID: 75529 // JVNDB: JVNDB-2015-003352 // CNNVD: CNNVD-201507-015 // NVD: CVE-2015-4228

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-4228
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-4228
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201507-015
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-82189
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2015-4228
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-4228
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-82189
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-82189 // VULMON: CVE-2015-4228 // JVNDB: JVNDB-2015-003352 // CNNVD: CNNVD-201507-015 // NVD: CVE-2015-4228

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-82189 // JVNDB: JVNDB-2015-003352 // NVD: CVE-2015-4228

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201507-015

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201507-015

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-003352

PATCH

title:	39556	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=39556	Trust: 0.8
title:	Cisco: Cisco Digital Content Manager Message Processing Denial of Service Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=Cisco-SA-20150701-CVE-2015-4228	Trust: 0.1

sources: VULMON: CVE-2015-4228 // JVNDB: JVNDB-2015-003352

EXTERNAL IDS

db:	NVD	id:	CVE-2015-4228	Trust: 2.9
db:	JVNDB	id:	JVNDB-2015-003352	Trust: 0.8
db:	CNNVD	id:	CNNVD-201507-015	Trust: 0.7
db:	BID	id:	75529	Trust: 0.5
db:	VULHUB	id:	VHN-82189	Trust: 0.1
db:	VULMON	id:	CVE-2015-4228	Trust: 0.1

sources: VULHUB: VHN-82189 // VULMON: CVE-2015-4228 // BID: 75529 // JVNDB: JVNDB-2015-003352 // CNNVD: CNNVD-201507-015 // NVD: CVE-2015-4228

REFERENCES

url:	http://tools.cisco.com/security/center/viewalert.x?alertid=39556	Trust: 2.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4228	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4228	Trust: 0.8
url:	http://www.cisco.com/c/en/us/support/video/digital-content-manager-dcm-software/tsd-products-support-series-home.html	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/399.html	Trust: 0.1
url:	https://www.securityfocus.com/bid/75529	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150701-cve-2015-4228	Trust: 0.1

sources: VULHUB: VHN-82189 // VULMON: CVE-2015-4228 // BID: 75529 // JVNDB: JVNDB-2015-003352 // CNNVD: CNNVD-201507-015 // NVD: CVE-2015-4228

CREDITS

Cisco

Trust: 0.3

sources: BID: 75529

SOURCES

db:	VULHUB	id:	VHN-82189
db:	VULMON	id:	CVE-2015-4228
db:	BID	id:	75529
db:	JVNDB	id:	JVNDB-2015-003352
db:	CNNVD	id:	CNNVD-201507-015
db:	NVD	id:	CVE-2015-4228

LAST UPDATE DATE

2025-04-12T23:35:05.696000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-82189	date:	2015-07-02T00:00:00
db:	VULMON	id:	CVE-2015-4228	date:	2015-07-02T00:00:00
db:	BID	id:	75529	date:	2015-07-01T00:00:00
db:	JVNDB	id:	JVNDB-2015-003352	date:	2015-07-03T00:00:00
db:	CNNVD	id:	CNNVD-201507-015	date:	2015-07-03T00:00:00
db:	NVD	id:	CVE-2015-4228	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-82189	date:	2015-07-02T00:00:00
db:	VULMON	id:	CVE-2015-4228	date:	2015-07-02T00:00:00
db:	BID	id:	75529	date:	2015-07-01T00:00:00
db:	JVNDB	id:	JVNDB-2015-003352	date:	2015-07-03T00:00:00
db:	CNNVD	id:	CNNVD-201507-015	date:	2015-07-03T00:00:00
db:	NVD	id:	CVE-2015-4228	date:	2015-07-02T14:59:01.107