Vulnerabilities > CVE-2017-15664 - Improperly Implemented Security Check for Standard vulnerability in Flexense Syncbreeze 10.1.16

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
flexense
CWE-358
exploit available

Summary

In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9121.

Vulnerable Configurations

Part Description Count
Application
Flexense
1

Exploit-Db

descriptionSync Breeze Enterprise 10.1.16 - Denial of Service. CVE-2017-15664. Dos exploit for Windows platform
fileexploits/windows/dos/43453.py
idEDB-ID:43453
last seen2018-01-24
modified2018-01-08
platformwindows
port
published2018-01-08
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/43453/
titleSync Breeze Enterprise 10.1.16 - Denial of Service
typedos

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/145760/syncbreezeent10116-dos.txt
idPACKETSTORM:145760
last seen2018-01-10
published2018-01-09
reporterAhmad Mahfouz
sourcehttps://packetstormsecurity.com/files/145760/Sync-Breeze-Enterprise-10.1.16-Denial-Of-Service.html
titleSync Breeze Enterprise 10.1.16 Denial Of Service