Sign-up

ID

VAR-201904-0496


CVE

CVE-2015-5606


TITLE

Vordel XML Gateway Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2015-008243

DESCRIPTION

Vordel XML Gateway (acquired by Axway) version 7.2.2 could allow remote attackers to cause a denial of service via a specially crafted request. Vordel XML Gateway Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Axway Vordel XML Gateway is a French Axway company's XML gateway with threat scanning and traffic control functions

Trust: 1.71

sources: NVD: CVE-2015-5606 // JVNDB: JVNDB-2015-008243 // VULHUB: VHN-83567

AFFECTED PRODUCTS

vendor:axwaymodel:vordel xml gatewayscope:eqversion:7.2.2

Trust: 1.8

sources: JVNDB: JVNDB-2015-008243 // NVD: CVE-2015-5606

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-5606
value: HIGH

Trust: 1.0

NVD: CVE-2015-5606
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201904-153
value: HIGH

Trust: 0.6

VULHUB: VHN-83567
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-5606
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-83567
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2015-5606
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-83567 // JVNDB: JVNDB-2015-008243 // CNNVD: CNNVD-201904-153 // NVD: CVE-2015-5606

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-83567 // JVNDB: JVNDB-2015-008243 // NVD: CVE-2015-5606

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201904-153

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201904-153

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-008243

PATCH
title:Top Pageurl:https://www.axway.com/en
Trust: 0.8
title:Vordel XML Gateway Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91074
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2015-008243 // 
            
            
            
            CNNVD: CNNVD-201904-153

EXTERNAL IDS
db:NVDid:CVE-2015-5606
Trust: 2.5
db:JVNDBid:JVNDB-2015-008243
Trust: 0.8
db:CNNVDid:CNNVD-201904-153
Trust: 0.7
db:VULHUBid:VHN-83567
Trust: 0.1
sources:
            
            
            VULHUB: VHN-83567 // 
            
            
            
            JVNDB: JVNDB-2015-008243 // 
            
            
            
            CNNVD: CNNVD-201904-153 // 
            
            
            
            NVD: CVE-2015-5606

REFERENCES
url:https://www.excellium-services.com/cert-xlm-advisory/cve-2015-5606/
Trust: 2.5
url:https://nvd.nist.gov/vuln/detail/cve-2015-5606
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5606
Trust: 0.8
sources:
            
            
            VULHUB: VHN-83567 // 
            
            
            
            JVNDB: JVNDB-2015-008243 // 
            
            
            
            CNNVD: CNNVD-201904-153 // 
            
            
            
            NVD: CVE-2015-5606

SOURCES
db:VULHUBid:VHN-83567
db:JVNDBid:JVNDB-2015-008243
db:CNNVDid:CNNVD-201904-153
db:NVDid:CVE-2015-5606

LAST UPDATE DATE
2024-11-23T23:11:53.865000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-83567date:2019-04-04T00:00:00
db:JVNDBid:JVNDB-2015-008243date:2019-05-09T00:00:00
db:CNNVDid:CNNVD-201904-153date:2019-07-05T00:00:00
db:NVDid:CVE-2015-5606date:2024-11-21T02:33:23.107

SOURCES RELEASE DATE
db:VULHUBid:VHN-83567date:2019-04-03T00:00:00
db:JVNDBid:JVNDB-2015-008243date:2019-05-09T00:00:00
db:CNNVDid:CNNVD-201904-153date:2019-04-03T00:00:00
db:NVDid:CVE-2015-5606date:2019-04-03T19:29:00.260