Vulnerability Description
The web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allows remote authenticated users to cause a denial of service (memory corruption and reboot) via a crafted URL.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Garrettcom | Magnum 10K Firmware | <= 4.5.5 |
| Garrettcom | Magnum 6K Firmware | <= 4.5.5 |
Related Weaknesses (CWE)
References
- http://www.garrettcom.com/techsupport/MNS6K_R456_Release_Notes.pdfVendor Advisory
- http://www.securityfocus.com/bid/75228
- https://ics-cert.us-cert.gov/advisories/ICSA-15-167-01Third Party AdvisoryUS Government Resource
- http://www.garrettcom.com/techsupport/MNS6K_R456_Release_Notes.pdfVendor Advisory
- http://www.securityfocus.com/bid/75228
- https://ics-cert.us-cert.gov/advisories/ICSA-15-167-01Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2015-3961?
CVE-2015-3961 is a vulnerability with a CVSS score of 3.5 (LOW). The web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allows remote authenticated users to cause a denial of service (memory corruption and reboot) via a ...
How severe is CVE-2015-3961?
CVE-2015-3961 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-3961?
Check the references section above for vendor advisories and patch information. Affected products include: Garrettcom Magnum 10K Firmware, Garrettcom Magnum 6K Firmware.