NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2015-7256

Summary	ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000, SBG3300-NB00, and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z, Q1000, FR1000Z, and P8702N project models use non-unique X.509 certificates and SSH host keys.
Publication Date	Sept. 28, 2017, 10:29 a.m.
Registration Date	Jan. 26, 2021, 2:56 p.m.
Last Update	Nov. 21, 2024, 11:36 a.m.

CVSS3.0 : MEDIUM
スコア	5.9
Vector	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	高
攻撃に必要な特権レベル(PR)	不要
利用者の関与(UI)	不要
影響の想定範囲(S)	変更なし
機密性への影響(C)	高
完全性への影響(I)	なし
可用性への影響(A)	なし

CVSS2.0 : MEDIUM
Score	4.3
Vector	AV:N/AC:M/Au:N/C:P/I:N/A:N
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	中
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	なし
可用性への影響(A)	なし
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:o:zyxel:nwa1100-n_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:nwa1100-n:-:::::::*

Configuration2		or higher	or less	more than	less than
cpe:2.3:o:zyxel:nwa1100-nh_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:nwa1100-nh:-:::::::*

Configuration3		or higher	or less	more than	less than
cpe:2.3:o:zyxel:nwa1121-ni_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:nwa1121-ni:-:::::::*

Configuration4		or higher	or less	more than	less than
cpe:2.3:o:zyxel:nwa1123-ac_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:nwa1123-ac:-:::::::*

Configuration5		or higher	or less	more than	less than
cpe:2.3:o:zyxel:nwa1123-ni_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:nwa1123-ni:-:::::::*

Configuration6		or higher	or less	more than	less than
cpe:2.3:o:zyxel:p-660hn-51_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:p-660hn-51:-:::::::*

Configuration7		or higher	or less	more than	less than
cpe:2.3:o:zyxel:p-663hn-51_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:p-663hn-51:-:::::::*

Configuration8		or higher	or less	more than	less than
cpe:2.3:o:zyxel:vmg1312-b10a_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:vmg1312-b10a:-:::::::*

Configuration9		or higher	or less	more than	less than
cpe:2.3:o:zyxel:vmg1312-b30a_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:vmg1312-b30a:-:::::::*

Configuration10		or higher	or less	more than	less than
cpe:2.3:o:zyxel:vmg1312-b30b_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:vmg1312-b30b:-:::::::*

Configuration11		or higher	or less	more than	less than
cpe:2.3:o:zyxel:vmg4380-b10a_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:vmg4380-b10a:-:::::::*

Configuration12		or higher	or less	more than	less than
cpe:2.3:o:zyxel:vmg8324-b10a_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:vmg8324-b10a:-:::::::*

Configuration13		or higher	or less	more than	less than
cpe:2.3:o:zyxel:vmg8924-b10a_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:vmg8924-b10a:-:::::::*

Configuration14		or higher	or less	more than	less than
cpe:2.3:o:zyxel:vmg8924-b30a_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:vmg8924-b30a:-:::::::*

Configuration15		or higher	or less	more than	less than
cpe:2.3:o:zyxel:vsg1435-b101_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:vsg1435-b101:-:::::::*

Configuration16		or higher	or less	more than	less than
cpe:2.3:o:zyxel:pmg5318-b20a_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:pmg5318-b20a:-:::::::*

Configuration17		or higher	or less	more than	less than
cpe:2.3:o:zyxel:sbg3300-n000_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:sbg3300-n000:-:::::::*

Configuration18		or higher	or less	more than	less than
cpe:2.3:o:zyxel:sbg3300-nb00_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:sbg3300-nb00:-:::::::*

Configuration19		or higher	or less	more than	less than
cpe:2.3:o:zyxel:sbg3500-n000_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:sbg3500-n000:-:::::::*

Configuration20		or higher	or less	more than	less than
cpe:2.3:o:zyxel:gs1900-8_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:gs1900-8:-:::::::*

Configuration21		or higher	or less	more than	less than
cpe:2.3:o:zyxel:gs1900-24_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:gs1900-24:-:::::::*

Configuration22		or higher	or less	more than	less than
cpe:2.3:o:zyxel:c1000z_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:c1000z:-:::::::*

Configuration23		or higher	or less	more than	less than
cpe:2.3:o:zyxel:q1000_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:q1000:-:::::::*

Configuration24		or higher	or less	more than	less than
cpe:2.3:o:zyxel:fr1000z_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:fr1000z:-:::::::*

Configuration25		or higher	or less	more than	less than
cpe:2.3:o:zyxel:p8702n_firmware:-:::::::*
execution environment
1	cpe:2.3:h:zyxel:p8702n:-:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	http://www.kb.cert.org/vuls/id/566724		Third Party Advisory US Government Resource
2	http://www.kb.cert.org/vuls/id/566724		Third Party Advisory US Government Resource
3	http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml		Vendor Advisory
4	http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml		Vendor Advisory

Common Vulnerabilities List