Vulnerabilities > CVE-2017-15662 - Improperly Implemented Security Check for Standard vulnerability in Flexense VX Search 10.1.12

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
flexense
CWE-358
exploit available

Summary

In Flexense VX Search Enterprise v10.1.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9123.

Vulnerable Configurations

Part Description Count
Application
Flexense
1

Exploit-Db

descriptionVX Search Enterprise 10.1.12 - Denial of Service. CVE-2017-15662. Dos exploit for Windows platform
fileexploits/windows/dos/43451.py
idEDB-ID:43451
last seen2018-01-24
modified2018-01-08
platformwindows
port
published2018-01-08
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/43451/
titleVX Search Enterprise 10.1.12 - Denial of Service
typedos

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/145764/vxsearchent10112-dos.txt
idPACKETSTORM:145764
last seen2018-01-10
published2018-01-09
reporterAhmad Mahfouz
sourcehttps://packetstormsecurity.com/files/145764/VX-Search-Enterprise-10.1.12-Denial-Of-Service.html
titleVX Search Enterprise 10.1.12 Denial Of Service