Vulnerabilities > CVE-2017-15665 - Improperly Implemented Security Check for Standard vulnerability in Flexense Diskboss 8.5.12

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

flexense

CWE-358

exploit available

NVD

Published: 2018-01-10

Updated: 2018-02-01

Summary

In Flexense DiskBoss Enterprise 8.5.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 8094.

Vulnerable Configurations

Part	Description	Count
Application	Flexense Flexense Diskboss 8.5.12	1

Common Weakness Enumeration (CWE)

CWE-358 - Improperly Implemented Security Check for Standard

Exploit-Db

description	DiskBoss Enterprise 8.5.12 - Denial of Service. CVE-2017-15665. Dos exploit for Windows platform
file	exploits/windows/dos/43454.py
id	EDB-ID:43454
last seen	2018-01-24
modified	2018-01-08
platform	windows
port
published	2018-01-08
reporter	Exploit-DB
source	https://www.exploit-db.com/download/43454/
title	DiskBoss Enterprise 8.5.12 - Denial of Service
type	dos

Packetstorm

data source	https://packetstormsecurity.com/files/download/145756/diskbossent8512-dos.txt
id	PACKETSTORM:145756
last seen	2018-01-10
published	2018-01-09
reporter	Ahmad Mahfouz
source	https://packetstormsecurity.com/files/145756/DiskBoss-Enterprise-8.5.12-Denial-Of-Service.html
title	DiskBoss Enterprise 8.5.12 Denial Of Service

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

Packetstorm

References