2020-01-21 21:01:18 +00:00
{
"CVE_data_meta" : {
2020-07-14 12:06:08 +02:00
"ASSIGNER" : "productcert@siemens.com" ,
2020-01-21 21:01:18 +00:00
"ID" : "CVE-2020-7587" ,
2020-07-14 12:06:08 +02:00
"STATE" : "PUBLIC"
} ,
"data_format" : "MITRE" ,
"data_version" : "4.0" ,
"data_type" : "CVE" ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "Siemens AG" ,
"product" : {
"product_data" : [
{
"product_name" : "Opcenter Execution Discrete" ,
"version" : {
"version_data" : [
{
"version_value" : "All versions < V3.2"
}
]
}
} ,
{
"product_name" : "Opcenter Execution Foundation" ,
"version" : {
"version_data" : [
{
"version_value" : "All versions < V3.2"
}
]
}
} ,
{
"product_name" : "Opcenter Execution Process" ,
"version" : {
"version_data" : [
{
"version_value" : "All versions < V3.2"
}
]
}
} ,
{
"product_name" : "Opcenter Intelligence" ,
"version" : {
"version_data" : [
{
"version_value" : "All versions"
}
]
}
} ,
{
"product_name" : "Opcenter Quality" ,
"version" : {
"version_data" : [
{
"version_value" : "All versions < V11.3"
}
]
}
} ,
{
"product_name" : "Opcenter RD&L" ,
"version" : {
"version_data" : [
{
"version_value" : "V8.0"
}
]
}
} ,
{
"product_name" : "SIMATIC IT LMS" ,
"version" : {
"version_data" : [
{
"version_value" : "All versions"
}
]
}
} ,
{
"product_name" : "SIMATIC IT Production Suite" ,
"version" : {
"version_data" : [
{
"version_value" : "All versions"
}
]
}
} ,
{
"product_name" : "SIMATIC Notifier Server for Windows" ,
"version" : {
"version_data" : [
{
"version_value" : "All versions"
}
]
}
} ,
{
"product_name" : "SIMATIC PCS neo" ,
"version" : {
"version_data" : [
{
2020-08-11 12:20:02 +02:00
"version_value" : "All versions < V3.0 SP1"
2020-07-14 12:06:08 +02:00
}
]
}
} ,
{
"product_name" : "SIMATIC STEP 7 (TIA Portal) V15" ,
"version" : {
"version_data" : [
{
"version_value" : "All versions"
}
]
}
} ,
{
"product_name" : "SIMATIC STEP 7 (TIA Portal) V16" ,
"version" : {
"version_data" : [
{
"version_value" : "All versions < V16 Update 2"
}
]
}
} ,
{
"product_name" : "SIMOCODE ES" ,
"version" : {
"version_data" : [
{
"version_value" : "All versions"
}
]
}
} ,
{
"product_name" : "Soft Starter ES" ,
"version" : {
"version_data" : [
{
"version_value" : "All versions"
}
]
}
}
]
}
}
]
}
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
2020-01-21 21:01:18 +00:00
} ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
2020-08-14 16:01:37 +00:00
"value" : "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions), SIMATIC IT Production Suite (All versions), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES (All versions), Soft Starter ES (All versions). Sending multiple specially crafted packets to the affected service could cause a partial remote Denial-of-Service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service."
2020-07-14 12:06:08 +02:00
}
]
} ,
"references" : {
"reference_data" : [
{
2020-07-14 14:01:35 +00:00
"refsource" : "MISC" ,
"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf" ,
"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
2020-01-21 21:01:18 +00:00
}
]
}
}
