CVE-2015-5401
high
CVSS v3
7.5
VIR risk
7.5
Description
Teradata Gateway before 15.00.03.02-1 and 15.10.x before 15.10.00.01-1 and TD Express before 15.00.02.08_Sles10 and 15.00.02.08_Sles11 allow remote attackers to cause a denial of service (database crash) via a malformed CONFIG REQUEST message.
Predictions
Exploit likelihood
83%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| teradata | teradata_express | 15.00.00 | |
| teradata | teradata_express | 15.10.00 | |
| teradata | teradata_gateway | {"endIncluding":"15.00.02.08"} | |
References
- http://www.fortiguard.com/advisory/FG-VD-15-038/
- http://www.securitytracker.com/id/1033005
- https://blog.fortinet.com/2015/07/23/teradata-vulnerability-announced-big-potential-headaches-for-big-data-solution
- http://www.fortiguard.com/advisory/FG-VD-15-038/
- http://www.securitytracker.com/id/1033005
- https://blog.fortinet.com/2015/07/23/teradata-vulnerability-announced-big-potential-headaches-for-big-data-solution
CWEs
CWE-20
💬 Discuss CVE-2015-5401 on VIR Community →
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.