Sign-up

ID

VAR-201709-0222


CVE

CVE-2017-10856


TITLE

SEIL Series routers vulnerable to denial-of-service (DoS)

Trust: 0.8

sources: JVNDB: JVNDB-2017-000222

DESCRIPTION

SEIL/X 4.60 to 5.72, SEIL/B1 4.60 to 5.72, SEIL/x86 3.20 to 5.72, SEIL/BPV4 5.00 to 5.72 allows remote attackers to cause a temporary failure of the device's encrypted communications via a specially crafted packet. The IPsec/IKE function in SEIL Series routers provided by Internet Initiative Japan Inc. contain a denial-of-service (DoS) vulnerability due to a flaw in processing certain packets. Internet Initiative Japan Inc. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Internet Initiative Japan Inc. The following products and versions are affected: Internet Initiative Japan SEIL/X version 4.60 to 5.72; SEIL/B1 version 4.60 to 5.72; SEIL/x86 version 3.20 to 5.72; SEIL/BPV4 version 5.00 to 5.72

Trust: 1.71

sources: NVD: CVE-2017-10856 // JVNDB: JVNDB-2017-000222 // VULHUB: VHN-101220

AFFECTED PRODUCTS

vendor:seilmodel:x86 fujiscope:eqversion:3.20

Trust: 1.6

vendor:seilmodel:bpv 4scope:eqversion:5.00

Trust: 1.6

vendor:seilmodel:x86 fujiscope:eqversion:5.72

Trust: 1.6

vendor:seilmodel:x2scope:eqversion:4.60

Trust: 1.6

vendor:seilmodel:x1scope:eqversion:4.60

Trust: 1.6

vendor:seilmodel:x1scope:eqversion:5.72

Trust: 1.6

vendor:seilmodel:bpv 4scope:eqversion:5.72

Trust: 1.6

vendor:seilmodel:x2scope:eqversion:5.72

Trust: 1.6

vendor:seilmodel:b1scope:eqversion:4.60

Trust: 1.6

vendor:seilmodel:b1scope:eqversion:5.72

Trust: 1.6

vendor:internet initiativemodel:seil/b1scope:eqversion:4.60 to 5.72

Trust: 0.8

vendor:internet initiativemodel:seil/bpv4scope:eqversion:5.00 to 5.72

Trust: 0.8

vendor:internet initiativemodel:seil/xscope:eqversion:4.60 to 5.72

Trust: 0.8

vendor:internet initiativemodel:seil/x86scope:eqversion:3.20 to 5.72

Trust: 0.8

sources: JVNDB: JVNDB-2017-000222 // CNNVD: CNNVD-201709-781 // NVD: CVE-2017-10856

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-10856
value: LOW

Trust: 1.0

IPA: JVNDB-2017-000222
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201709-781
value: LOW

Trust: 0.6

VULHUB: VHN-101220
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-10856
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2017-000222
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-101220
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-10856
baseSeverity: LOW
baseScore: 3.7
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 2.2
impactScore: 1.4
version: 3.0

Trust: 1.0

IPA: JVNDB-2017-000222
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-101220 // JVNDB: JVNDB-2017-000222 // CNNVD: CNNVD-201709-781 // NVD: CVE-2017-10856

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-20

Trust: 0.1

sources: VULHUB: VHN-101220 // NVD: CVE-2017-10856

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201709-781

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201709-781

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-000222

PATCH
title:Internet Initiative Japan Inc.url:http://www.seil.jp/support/security/a01811.html
Trust: 0.8
title:Multiple Internet Initiative Japan SEIL Repair measures for series router security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74953
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2017-000222 // 
            
            
            
            CNNVD: CNNVD-201709-781

EXTERNAL IDS
db:NVDid:CVE-2017-10856
Trust: 2.5
db:JVNid:JVN76692689
Trust: 2.5
db:JVNDBid:JVNDB-2017-000222
Trust: 0.8
db:CNNVDid:CNNVD-201709-781
Trust: 0.7
db:VULHUBid:VHN-101220
Trust: 0.1
sources:
            
            
            VULHUB: VHN-101220 // 
            
            
            
            JVNDB: JVNDB-2017-000222 // 
            
            
            
            CNNVD: CNNVD-201709-781 // 
            
            
            
            NVD: CVE-2017-10856

REFERENCES
url:https://jvn.jp/en/jp/jvn76692689/index.html
Trust: 2.5
url:http://www.seil.jp/support/security/a01811.html
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-10856
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-10856
Trust: 0.8
sources:
            
            
            VULHUB: VHN-101220 // 
            
            
            
            JVNDB: JVNDB-2017-000222 // 
            
            
            
            CNNVD: CNNVD-201709-781 // 
            
            
            
            NVD: CVE-2017-10856

SOURCES
db:VULHUBid:VHN-101220
db:JVNDBid:JVNDB-2017-000222
db:CNNVDid:CNNVD-201709-781
db:NVDid:CVE-2017-10856

LAST UPDATE DATE
2025-04-20T23:37:49.150000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-101220date:2019-10-03T00:00:00
db:JVNDBid:JVNDB-2017-000222date:2018-02-28T00:00:00
db:CNNVDid:CNNVD-201709-781date:2019-10-23T00:00:00
db:NVDid:CVE-2017-10856date:2025-04-20T01:37:25.860

SOURCES RELEASE DATE
db:VULHUBid:VHN-101220date:2017-09-15T00:00:00
db:JVNDBid:JVNDB-2017-000222date:2017-09-11T00:00:00
db:CNNVDid:CNNVD-201709-781date:2017-09-28T00:00:00
db:NVDid:CVE-2017-10856date:2017-09-15T17:29:00.383