Skip to main content

Improperly Implemented Security Check for Standard

CVE-2017-15664

Severity High
Score 7.5/10

Summary

In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9121.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • NONE
  • NONE
  • HIGH

CWE-358 - Improperly Implemented Security Check for Standard

The software does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.

References

Advisory Timeline

  • Published