CVE-2015-5401

Published: May 23, 2017Modified: May 13, 2026

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Teradata Gateway before 15.00.03.02-1 and 15.10.x before 15.10.00.01-1 and TD Express before 15.00.02.08_Sles10 and 15.00.02.08_Sles11 allow remote attackers to cause a denial of service (database crash) via a malformed CONFIG REQUEST message.

Affected (3)

Products: Teradata: Teradata Express, Teradata Gateway

Teradata

2 products

Teradata Express

Teradata Gateway

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Teradata Teradata Express	Version 15.00.00
Teradata Teradata Express	Version 15.10.00
Teradata Teradata Gateway	Up to 15.00.02.08

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (6)

http://www.fortiguard.com/advisory/FG-VD-15-038/

Source: cve@mitre.org

Broken Link

http://www.securitytracker.com/id/1033005

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://blog.fortinet.com/2015/07/23/teradata-vulnerability-announced-big-potential-headaches-for-big-data-solution

Source: cve@mitre.org

ExploitThird Party Advisory

http://www.fortiguard.com/advisory/FG-VD-15-038/

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://www.securitytracker.com/id/1033005

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://blog.fortinet.com/2015/07/23/teradata-vulnerability-announced-big-potential-headaches-for-big-data-solution

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.