CVE-2014-5329 - OpenCVE

GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80/tcp and 443/tcp for user operation, and 8001/tcp for administrative operation. 8001/tcp is served by a version of Apache HTTP server containing a flaw in handling HTTP requests (CVE-2011-3192), which may lead to a denial-of-service (DoS) condition.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Tripodworks	Gigapod 2010 Gigapod Officehard Gigapod 3 Firmware Gigapod 3 Gigapod Officehard Firmware Gigapod 2010 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:tripodworks:gigapod_officehard_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tripodworks:gigapod_officehard:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:tripodworks:gigapod_2010_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tripodworks:gigapod_2010:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:tripodworks:gigapod_3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tripodworks:gigapod_3:-:*:*:*:*:*:*:*

References

Link	Resource
https://jvn.jp/en/jp/JVN23809730/	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: jpcert

Published: 2023-09-08T02:52:41.251Z

Updated: 2023-09-08T02:52:41.251Z

Reserved: 2014-08-18T00:00:00.000Z

Link: CVE-2014-5329

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-09-08T03:15:07.387

Modified: 2023-09-14T16:12:01.977

Link: CVE-2014-5329

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:tripodworks:gigapod_officehard_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB7A1124-19E8-41C7-AC57-2DBCC5D16D86", "versionEndIncluding": "3.04.03", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:tripodworks:gigapod_officehard:-:*:*:*:*:*:*:*", "matchCriteriaId": "7AC5BBBD-0779-43CC-A0F6-9BA62B331691", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:tripodworks:gigapod_2010_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "49F0663C-C397-4788-836E-0EB810270EA9", "versionEndIncluding": "3.01.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:tripodworks:gigapod_2010:-:*:*:*:*:*:*:*", "matchCriteriaId": "03E7B57D-B3FB-4E60-9B0A-C6D6FDE4BC54", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:tripodworks:gigapod_3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DFA2BF10-37C5-4B86-8572-ABB87AF6018B", "versionEndIncluding": "3.01.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:tripodworks:gigapod_3:-:*:*:*:*:*:*:*", "matchCriteriaId": "2BD9132E-0CB0-4F39-A156-35FE958A6129", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80/tcp and 443/tcp for user operation, and 8001/tcp for administrative operation.\r\n8001/tcp is served by a version of Apache HTTP server containing a flaw in handling HTTP requests (CVE-2011-3192), which may lead to a denial-of-service (DoS) condition."}, {"lang": "es", "value": "Los servidores de archivos GIGAPOD (modelo de Dispositivo y modelo de Software) proporcionan dos interfaces web, 80/tcp y 443/tcp para la operaci\u00f3n del usuario, y 8001/tcp para la operaci\u00f3n administrativa. 8001/tcp es servido por una versi\u00f3n del servidor Apache HTTP que contiene un error en el manejo de solicitudes HTTP (CVE-2011-3192), que puede conducir a una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS)."}], "id": "CVE-2014-5329", "lastModified": "2023-09-14T16:12:01.977", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-09-08T03:15:07.387", "references": [{"source": "vultures@jpcert.or.jp", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/en/jp/JVN23809730/"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}