Search

Find a vulnerability

Search criteria

    8 vulnerabilities by Wind River Systems

    CVE-2025-26500 (GCVE-0-2025-26500)

    Vulnerability from nvd – Published: 2025-03-21 22:20 – Updated: 2025-03-24 13:19
    VLAI
    Title
    VxWorks 7 USB Failure
    Summary
    : Uncontrolled Resource Consumption vulnerability in Wind River Systems VxWorks 7 on VxWorks allows Excessive Allocation.   Specifically crafted USB packets may lead to the system becoming unavailable This issue affects VxWorks 7: from 22.06 through 24.03.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    Wind River Systems VxWorks 7 Affected: 22.06 , ≤ 24.03 (date)
    Create a notification for this product.
    Date Public
    2025-03-17 23:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-26500",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-24T13:19:25.092364Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-24T13:19:36.412Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "VxWorks"
              ],
              "product": "VxWorks 7",
              "vendor": "Wind River Systems",
              "versions": [
                {
                  "lessThanOrEqual": "24.03",
                  "status": "affected",
                  "version": "22.06",
                  "versionType": "date"
                }
              ]
            }
          ],
          "datePublic": "2025-03-17T23:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": ": Uncontrolled Resource Consumption vulnerability in Wind River Systems VxWorks 7 on VxWorks allows Excessive Allocation.\u0026nbsp;\u0026nbsp;\n\nSpecifically crafted USB packets may lead to the system becoming unavailable\n\n\u003cp\u003eThis issue affects VxWorks 7: from 22.06 through 24.03.\u003c/p\u003e"
                }
              ],
              "value": ": Uncontrolled Resource Consumption vulnerability in Wind River Systems VxWorks 7 on VxWorks allows Excessive Allocation.\u00a0\u00a0\n\nSpecifically crafted USB packets may lead to the system becoming unavailable\n\nThis issue affects VxWorks 7: from 22.06 through 24.03."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "None that are known.\u0026nbsp;"
                }
              ],
              "value": "None that are known."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-21T22:20:36.101Z",
            "orgId": "0bf9931a-6ebf-4f48-bd14-39ee5e1d61f8",
            "shortName": "WindRiver"
          },
          "references": [
            {
              "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2025-26500"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support2.windriver.com/index.php?page=cve\u0026amp;on=view\u0026amp;id=CVE-2025-26500\"\u003ehttps://support2.windriver.com/index.php?page=cve\u0026amp;on=view\u0026amp;id=CVE-2025-26500\u003c/a\u003e\u003cbr\u003e"
                }
              ],
              "value": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2025-26500"
            }
          ],
          "source": {
            "advisory": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE",
            "defect": [
              "Internal Testing"
            ],
            "discovery": "INTERNAL"
          },
          "title": "VxWorks 7 USB Failure",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0bf9931a-6ebf-4f48-bd14-39ee5e1d61f8",
        "assignerShortName": "WindRiver",
        "cveId": "CVE-2025-26500",
        "datePublished": "2025-03-21T22:20:36.101Z",
        "dateReserved": "2025-02-11T20:11:10.092Z",
        "dateUpdated": "2025-03-24T13:19:36.412Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-26500 (GCVE-0-2025-26500)

    Vulnerability from cvelistv5 – Published: 2025-03-21 22:20 – Updated: 2025-03-24 13:19
    VLAI
    Title
    VxWorks 7 USB Failure
    Summary
    : Uncontrolled Resource Consumption vulnerability in Wind River Systems VxWorks 7 on VxWorks allows Excessive Allocation.   Specifically crafted USB packets may lead to the system becoming unavailable This issue affects VxWorks 7: from 22.06 through 24.03.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    Wind River Systems VxWorks 7 Affected: 22.06 , ≤ 24.03 (date)
    Create a notification for this product.
    Date Public
    2025-03-17 23:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-26500",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-24T13:19:25.092364Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-24T13:19:36.412Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "VxWorks"
              ],
              "product": "VxWorks 7",
              "vendor": "Wind River Systems",
              "versions": [
                {
                  "lessThanOrEqual": "24.03",
                  "status": "affected",
                  "version": "22.06",
                  "versionType": "date"
                }
              ]
            }
          ],
          "datePublic": "2025-03-17T23:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": ": Uncontrolled Resource Consumption vulnerability in Wind River Systems VxWorks 7 on VxWorks allows Excessive Allocation.\u0026nbsp;\u0026nbsp;\n\nSpecifically crafted USB packets may lead to the system becoming unavailable\n\n\u003cp\u003eThis issue affects VxWorks 7: from 22.06 through 24.03.\u003c/p\u003e"
                }
              ],
              "value": ": Uncontrolled Resource Consumption vulnerability in Wind River Systems VxWorks 7 on VxWorks allows Excessive Allocation.\u00a0\u00a0\n\nSpecifically crafted USB packets may lead to the system becoming unavailable\n\nThis issue affects VxWorks 7: from 22.06 through 24.03."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "None that are known.\u0026nbsp;"
                }
              ],
              "value": "None that are known."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-21T22:20:36.101Z",
            "orgId": "0bf9931a-6ebf-4f48-bd14-39ee5e1d61f8",
            "shortName": "WindRiver"
          },
          "references": [
            {
              "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2025-26500"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support2.windriver.com/index.php?page=cve\u0026amp;on=view\u0026amp;id=CVE-2025-26500\"\u003ehttps://support2.windriver.com/index.php?page=cve\u0026amp;on=view\u0026amp;id=CVE-2025-26500\u003c/a\u003e\u003cbr\u003e"
                }
              ],
              "value": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2025-26500"
            }
          ],
          "source": {
            "advisory": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE",
            "defect": [
              "Internal Testing"
            ],
            "discovery": "INTERNAL"
          },
          "title": "VxWorks 7 USB Failure",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0bf9931a-6ebf-4f48-bd14-39ee5e1d61f8",
        "assignerShortName": "WindRiver",
        "cveId": "CVE-2025-26500",
        "datePublished": "2025-03-21T22:20:36.101Z",
        "dateReserved": "2025-02-11T20:11:10.092Z",
        "dateUpdated": "2025-03-24T13:19:36.412Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    JVNDB-2013-000023

    Vulnerability from jvndb - Published: 2013-03-18 14:43 - Updated:2013-06-25 18:15
    Severity
    N/A (UNKNOWN) - -
    Summary
    VxWorks Web Server vulnerable to denial-of-service (DoS)
    Details
    The VxWorks Web Server contains a denial-of-service vulnerability. The VxWorks Web Server contains a denial-of-service (DoS) vulnerability. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000023.html",
      "dc:date": "2013-06-25T18:15+09:00",
      "dcterms:issued": "2013-03-18T14:43+09:00",
      "dcterms:modified": "2013-06-25T18:15+09:00",
      "description": "The VxWorks Web Server contains a denial-of-service vulnerability.\r\n\r\nThe VxWorks Web Server contains a denial-of-service (DoS) vulnerability.\r\n\r\nHisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000023.html",
      "sec:cpe": {
        "#text": "cpe:/o:windriver:vxworks",
        "@product": "VxWorks",
        "@vendor": "Wind River Systems",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "5.0",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2013-000023",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN41022517/index.html",
          "@id": "JVN#41022517",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0716",
          "@id": "CVE-2013-0716",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0716",
          "@id": "CVE-2013-0716",
          "@source": "NVD"
        },
        {
          "#text": "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01",
          "@id": "ICSA-13-091-01",
          "@source": "ICS-CERT ADVISORY"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-noinfo",
          "@title": "No Mapping(CWE-noinfo)"
        }
      ],
      "title": "VxWorks Web Server vulnerable to denial-of-service (DoS)"
    }

    JVNDB-2013-000022

    Vulnerability from jvndb - Published: 2013-03-18 14:40 - Updated:2013-06-25 18:10
    Severity
    N/A (UNKNOWN) - -
    Summary
    VxWorks WebCLI vulnerable to denial-of-service (DoS)
    Details
    The VxWorks WebCLI contains a denial-of-service (DoS) vulnerability. The VxWorks WebCLI contains a denial-of-service (DoS) vulnerability due to an issue in parsing command strings. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000022.html",
      "dc:date": "2013-06-25T18:10+09:00",
      "dcterms:issued": "2013-03-18T14:40+09:00",
      "dcterms:modified": "2013-06-25T18:10+09:00",
      "description": "The VxWorks WebCLI contains a denial-of-service (DoS) vulnerability.\r\n\r\nThe VxWorks WebCLI contains a denial-of-service (DoS) vulnerability due to an issue in parsing command strings.\r\n\r\nHisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000022.html",
      "sec:cpe": {
        "#text": "cpe:/o:windriver:vxworks",
        "@product": "VxWorks",
        "@vendor": "Wind River Systems",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "6.8",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2013-000022",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN65923092/index.html",
          "@id": "JVN#65923092",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0715",
          "@id": "CVE-2013-0715",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0715",
          "@id": "CVE-2013-0715",
          "@source": "NVD"
        },
        {
          "#text": "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01",
          "@id": "ICSA-13-091-01",
          "@source": "ICS-CERT ADVISORY"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-noinfo",
          "@title": "No Mapping(CWE-noinfo)"
        }
      ],
      "title": "VxWorks WebCLI vulnerable to denial-of-service (DoS)"
    }

    JVNDB-2013-000021

    Vulnerability from jvndb - Published: 2013-03-18 14:38 - Updated:2013-06-25 18:06
    Severity
    N/A (UNKNOWN) - -
    Summary
    VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability
    Details
    The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability due to an issue in the processing authentication requests. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000021.html",
      "dc:date": "2013-06-25T18:06+09:00",
      "dcterms:issued": "2013-03-18T14:38+09:00",
      "dcterms:modified": "2013-06-25T18:06+09:00",
      "description": "The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability.\r\n\r\nThe SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability due to an issue in the processing authentication requests.\r\n\r\nHisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000021.html",
      "sec:cpe": {
        "#text": "cpe:/o:windriver:vxworks",
        "@product": "VxWorks",
        "@vendor": "Wind River Systems",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "7.8",
        "@severity": "High",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2013-000021",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN20671901/index.html",
          "@id": "JVN#20671901",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0714",
          "@id": "CVE-2013-0714",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0714",
          "@id": "CVE-2013-0714",
          "@source": "NVD"
        },
        {
          "#text": "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01",
          "@id": "ICSA-13-091-01",
          "@source": "ICS-CERT ADVISORY"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-noinfo",
          "@title": "No Mapping(CWE-noinfo)"
        }
      ],
      "title": "VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability"
    }

    JVNDB-2013-000018

    Vulnerability from jvndb - Published: 2013-03-18 14:33 - Updated:2013-06-25 17:54
    Severity
    N/A (UNKNOWN) - -
    Summary
    VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability
    Details
    The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability due to an issue in processing authentication requests. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000018.html",
      "dc:date": "2013-06-25T17:54+09:00",
      "dcterms:issued": "2013-03-18T14:33+09:00",
      "dcterms:modified": "2013-06-25T17:54+09:00",
      "description": "The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS)  vulnerability.\r\n\r\nThe SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability due to an issue in processing authentication requests.\r\n\r\nHisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000018.html",
      "sec:cpe": {
        "#text": "cpe:/o:windriver:vxworks",
        "@product": "VxWorks",
        "@vendor": "Wind River Systems",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "7.8",
        "@severity": "High",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2013-000018",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN45545972/index.html",
          "@id": "JVN#45545972",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0711",
          "@id": "CVE-2013-0711",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0711",
          "@id": "CVE-2013-0711",
          "@source": "NVD"
        },
        {
          "#text": "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01",
          "@id": "ICSA-13-091-01",
          "@source": "ICS-CERT ADVISORY"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-noinfo",
          "@title": "No Mapping(CWE-noinfo)"
        }
      ],
      "title": "VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability"
    }

    JVNDB-2013-000019

    Vulnerability from jvndb - Published: 2013-03-18 14:32 - Updated:2013-06-25 17:57
    Severity
    N/A (UNKNOWN) - -
    Summary
    VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability
    Details
    The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability due to an issue in the processing directly after the SSH connection is established. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000019.html",
      "dc:date": "2013-06-25T17:57+09:00",
      "dcterms:issued": "2013-03-18T14:32+09:00",
      "dcterms:modified": "2013-06-25T17:57+09:00",
      "description": "The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability.\r\n\r\nThe SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability due to an issue in the processing directly after the SSH connection is established.\r\n\r\nHisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000019.html",
      "sec:cpe": {
        "#text": "cpe:/o:windriver:vxworks",
        "@product": "VxWorks",
        "@vendor": "Wind River Systems",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "6.8",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2013-000019",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN01611135/index.html",
          "@id": "JVN#01611135",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0712",
          "@id": "CVE-2013-0712",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0712",
          "@id": "CVE-2013-0712",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-noinfo",
          "@title": "No Mapping(CWE-noinfo)"
        }
      ],
      "title": "VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability"
    }

    JVNDB-2013-000020

    Vulnerability from jvndb - Published: 2013-03-18 14:30 - Updated:2013-06-25 18:01
    Severity
    N/A (UNKNOWN) - -
    Summary
    VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability
    Details
    The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service vulnerability due to an issue in processing pty requests. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000020.html",
      "dc:date": "2013-06-25T18:01+09:00",
      "dcterms:issued": "2013-03-18T14:30+09:00",
      "dcterms:modified": "2013-06-25T18:01+09:00",
      "description": "The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability.\r\n\r\nThe SSH server (IPSSH) implementation in VxWorks contains a denial-of-service vulnerability due to an issue in processing pty requests.\r\n\r\nHisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000020.html",
      "sec:cpe": {
        "#text": "cpe:/o:windriver:vxworks",
        "@product": "VxWorks",
        "@vendor": "Wind River Systems",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "6.8",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2013-000020",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN52492830/index.html",
          "@id": "JVN#52492830",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0713",
          "@id": "CVE-2013-0713",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0713",
          "@id": "CVE-2013-0713",
          "@source": "NVD"
        },
        {
          "#text": "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01",
          "@id": "ICSA-13-091-01",
          "@source": "ICS-CERT ADVISORY"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-noinfo",
          "@title": "No Mapping(CWE-noinfo)"
        }
      ],
      "title": "VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability"
    }