CVE-2015-2914 - Vulnerability Details - OpenCVE

Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a fixed source-port number in outbound DNS queries performed on behalf of any device, which makes it easier for remote attackers to spoof responses by using this number for the destination port, a different vulnerability than CVE-2015-7296.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00337.

Key SSVC decision points have not yet been added.

Vendors	Products
Securifi	Almond Almond-2015 Almond-2015 Firmware Almond Firmware

Configuration 1 [-]

AND

cpe:2.3:o:securifi:almond_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:securifi:almond:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:securifi:almond-2015_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:securifi:almond-2015:*:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2015-3000	Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a fixed source-port number in outbound DNS queries performed on behalf of any device, which makes it easier for remote attackers to spoof responses by using this number for the destination port, a different vulnerability than CVE-2015-7296.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://www.kb.cert.org/vuls/id/906576

History

No history.

MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2015-09-21T10:00:00

Updated: 2024-08-06T05:32:20.505Z

Reserved: 2015-04-03T00:00:00

Link: CVE-2015-2914

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2015-09-21T10:59:01.960

Modified: 2025-04-12T10:46:40.837

Link: CVE-2015-2914

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-09-10T00:00:00", "descriptions": [{"lang": "en", "value": "Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a fixed source-port number in outbound DNS queries performed on behalf of any device, which makes it easier for remote attackers to spoof responses by using this number for the destination port, a different vulnerability than CVE-2015-7296."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2015-09-21T01:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "VU#906576", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/906576"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2015-2914", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a fixed source-port number in outbound DNS queries performed on behalf of any device, which makes it easier for remote attackers to spoof responses by using this number for the destination port, a different vulnerability than CVE-2015-7296."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "VU#906576", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/906576"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T05:32:20.505Z"}, "title": "CVE Program Container", "references": [{"name": "VU#906576", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/906576"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2015-2914", "datePublished": "2015-09-21T10:00:00", "dateReserved": "2015-04-03T00:00:00", "dateUpdated": "2024-08-06T05:32:20.505Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:securifi:almond_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D0F8D06E-B50D-41E8-9B53-DB023EC5DB3A", "versionEndIncluding": "al1-r201exp10-l304-w33", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:securifi:almond:*:*:*:*:*:*:*:*", "matchCriteriaId": "A1E395E7-282D-453B-9263-1147F1C68725", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:securifi:almond-2015_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BCC7722A-CB7A-4E3E-9858-5601DB8BCA7C", "versionEndIncluding": "al2-r088", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:securifi:almond-2015:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9FB54DB-EC2A-43EC-9EE8-C0FAFADBD912", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a fixed source-port number in outbound DNS queries performed on behalf of any device, which makes it easier for remote attackers to spoof responses by using this number for the destination port, a different vulnerability than CVE-2015-7296."}, {"lang": "es", "value": "Vulnerabilidad en dispositivos Securifi Almond con firmware anterior a AL1-R201EXP10-L304-W34 y dispositivos Almond-2015 con firmware anterior a AL2-R088M, usan un n\u00famero de puerto de origen fijo en consultas DNS de salida realizadas en nombre de cualquier dispositivo, lo cual hace m\u00e1s f\u00e1cil para atacantes remotos suplantar respuestas mediante el uso de este n\u00famero para el puerto de destino, una vulnerabilidad diferente a CVE-2015-7296."}], "evaluatorComment": "<a href=\"https://cwe.mitre.org/data/definitions/330.html\">CWE-330: Use of Insufficiently Random Values</a>", "id": "CVE-2015-2914", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-09-21T10:59:01.960", "references": [{"source": "cret@cert.org", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/906576"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/906576"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}