// For flags

CVE-2015-5695

 

Severity Score

6.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo does not enforce RecordSets per domain, and Records per RecordSet quotas when processing an internal zone file transfer, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted resource record set.

Designate 2015.1.0 a 1.0.0.0b1, tal y como viene en OpenStack Kilo no ejecuta RecordSets por dominio y Records por cuotas de RecordSet cuando procesa una transferencia de archivos de zona interna, lo que puede permitir que los atacantes remotos causen una denegaciĆ³n de servicio (bucle infinito) mediante una serie de registros de recursos manipulados.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2015-07-28 CVE Reserved
  • 2017-08-31 CVE Published
  • 2024-08-06 CVE Updated
  • 2024-08-06 First Exploit
  • 2024-09-12 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-400: Uncontrolled Resource Consumption
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Openstack
Search vendor "Openstack"
Designate
Search vendor "Openstack" for product "Designate"
1.0.0.0b1
Search vendor "Openstack" for product "Designate" and version "1.0.0.0b1"
-
Affected
Openstack
Search vendor "Openstack"
Designate
Search vendor "Openstack" for product "Designate"
1.0.0a0
Search vendor "Openstack" for product "Designate" and version "1.0.0a0"
-
Affected
Openstack
Search vendor "Openstack"
Designate
Search vendor "Openstack" for product "Designate"
2015.1.0
Search vendor "Openstack" for product "Designate" and version "2015.1.0"
-
Affected