New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 3.6
SynopsisThe remote device is missing a vendor-supplied security patch.
Descriptionres_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash). (CVE-2015-5180)
For this vulnerability, an attacker must have local access to the system and know how to make the glibc function trigger an exploit. The attacker may be able to dereference a NULL pointer and cause an application to restart.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K55001100.