ID
VAR-201705-2537
CVE
CVE-2015-5401
TITLE
Teradata Gateway and Teradata Express Service disruption in (DoS) Vulnerabilities
Trust: 0.8
DESCRIPTION
Teradata Gateway and Teradata Express There is a service disruption ( Database crash ) There are vulnerabilities that are put into a state.A remote attacker could create a malformed CONFIG REQUEST Service disruption via message ( Database crash ) There is a possibility of being put into a state. TeradataGateway and TDExpress are products of Teradata. The former is a gateway product, the latter is a free database software. There are security holes in TeradataGateway and TDExpress. Multiple Teradata Products are prone to a denial-of-service vulnerability. The following products are vulnerable: Teradata Gateway prior to 15.00.03.02-1, 15.10.x prior to 15.10.00.01-1 and Teradata Express prior to 15.00.02.08_Sles10 and 15.00.02.08_Sles11. Both Teradata Gateway and TD Express are products of Teradata Corporation of the United States. Security vulnerabilities exist in Teradata Gateway and TD Express
Trust: 1.62
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | teradata | model: | express | scope: | eq | version: | 15.10.00 | Trust: 1.6 |
| vendor: | teradata | model: | express | scope: | eq | version: | 15.00.00 | Trust: 1.6 |
| vendor: | teradata | model: | gateway | scope: | lte | version: | 15.00.02.08 | Trust: 1.0 |
| vendor: | teradata | model: | express | scope: | eq | version: | 15.00.02.08_sles11 | Trust: 0.8 |
| vendor: | teradata | model: | gateway | scope: | eq | version: | 15.10.00.01-1 | Trust: 0.8 |
| vendor: | teradata | model: | gateway | scope: | lt | version: | 15.10.x | Trust: 0.8 |
| vendor: | teradata | model: | gateway | scope: | lt | version: | 15.00.03.02-1 | Trust: 0.6 |
| vendor: | teradata | model: | gateway | scope: | eq | version: | 15.10.*<15.10.00.01-1 | Trust: 0.6 |
| vendor: | teradata | model: | td express <15.00.02.08 sles10 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | teradata | model: | td express <15.00.02.08 sles11 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | teradata | model: | gateway | scope: | eq | version: | 15.00.02.08 | Trust: 0.6 |
| vendor: | teradata | model: | gateway | scope: | eq | version: | 15.0.1 | Trust: 0.3 |
| vendor: | teradata | model: | gateway | scope: | eq | version: | 5.10 | Trust: 0.3 |
| vendor: | teradata | model: | express | scope: | eq | version: | 15.0.1 | Trust: 0.3 |
| vendor: | teradata | model: | express | scope: | eq | version: | 15.00 | Trust: 0.3 |
| vendor: | teradata | model: | gateway | scope: | ne | version: | 15.10.00.01-1 | Trust: 0.3 |
| vendor: | teradata | model: | gateway | scope: | ne | version: | 15.00.03.02-1 | Trust: 0.3 |
| vendor: | teradata | model: | express 15.00.02.08 sles11 | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | teradata | model: | express 15.00.02.08 sles10 | scope: | ne | version: | - | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-20 | Trust: 1.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
input validation
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | Teradata Vulnerability Announced: Big Potential Headaches For Big Data Solution | url: | http://blog.fortinet.com/2015/07/23/teradata-vulnerability-announced-big-potential-headaches-for-big-data-solution | Trust: 0.8 |
| title: | The Teradata Gateway | url: | http://www.info.teradata.com/HTMLPubs/DB_TTU_15_00/index.html#page/Database_Management/B035_1093_015K/1093Chap19.043.42.html | Trust: 0.8 |
| title: | Teradata Express | url: | http://www.teradata.jp/products-and-services/teradata-express | Trust: 0.8 |
| title: | Patch for TeradataGateway and TDExpress Security Vulnerabilities | url: | https://www.cnvd.org.cn/patchInfo/show/95306 | Trust: 0.6 |
| title: | Teradata Gateway and TD Express Security vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70540 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2015-5401 | Trust: 3.4 |
| db: | SECTRACK | id: | 1033005 | Trust: 2.3 |
| db: | JVNDB | id: | JVNDB-2015-007566 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201705-1170 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2017-09374 | Trust: 0.6 |
| db: | BID | id: | 98655 | Trust: 0.4 |
| db: | VULHUB | id: | VHN-83362 | Trust: 0.1 |
REFERENCES
| url: | http://www.fortiguard.com/advisory/fg-vd-15-038/ | Trust: 2.3 |
| url: | http://www.securitytracker.com/id/1033005 | Trust: 2.3 |
| url: | https://blog.fortinet.com/2015/07/23/teradata-vulnerability-announced-big-potential-headaches-for-big-data-solution | Trust: 2.0 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5401 | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2015-5401 | Trust: 0.8 |
| url: | http://www.teradata.com/ | Trust: 0.3 |
CREDITS
Fortinet's FortiGuard Labs
Trust: 0.3
SOURCES
| db: | CNVD | id: | CNVD-2017-09374 |
| db: | VULHUB | id: | VHN-83362 |
| db: | BID | id: | 98655 |
| db: | JVNDB | id: | JVNDB-2015-007566 |
| db: | CNNVD | id: | CNNVD-201705-1170 |
| db: | NVD | id: | CVE-2015-5401 |
LAST UPDATE DATE
2025-04-20T23:42:13.750000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2017-09374 | date: | 2017-06-13T00:00:00 |
| db: | VULHUB | id: | VHN-83362 | date: | 2017-06-06T00:00:00 |
| db: | BID | id: | 98655 | date: | 2017-05-23T00:00:00 |
| db: | JVNDB | id: | JVNDB-2015-007566 | date: | 2017-06-26T00:00:00 |
| db: | CNNVD | id: | CNNVD-201705-1170 | date: | 2017-05-24T00:00:00 |
| db: | NVD | id: | CVE-2015-5401 | date: | 2025-04-20T01:37:25.860 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2017-09374 | date: | 2017-06-14T00:00:00 |
| db: | VULHUB | id: | VHN-83362 | date: | 2017-05-23T00:00:00 |
| db: | BID | id: | 98655 | date: | 2017-05-23T00:00:00 |
| db: | JVNDB | id: | JVNDB-2015-007566 | date: | 2017-06-26T00:00:00 |
| db: | CNNVD | id: | CNNVD-201705-1170 | date: | 2017-05-24T00:00:00 |
| db: | NVD | id: | CVE-2015-5401 | date: | 2017-05-23T04:29:00.727 |