admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-12-30 05:58:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

added 2020-12524

Browse Source
This commit is contained in:
Jochen Becker 2020-12-02 12:08:42 +01:00
parent e1a74a4186
commit e6846a4abb
1 changed files with 118 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

133
2020/12xxx/CVE-2020-12524.json
View File

@ -1,18 +1,121 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-12524",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"generator": {
"engine": "Vulnogram 0.0.9"
},
"CVE_data_meta": {
"ID": "CVE-2020-12524",
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2020-12-02T09:00:00.000Z",
"TITLE": "Phoenix Contact BTP Touch Panels uncontrolled resource consumption ",
"AKA": "",
"STATE": "PUBLIC"
},
"source": {
"defect": [
"vde-2020-047"
],
"advisory": "vde-2020-047",
"discovery": "EXTERNAL"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Phoenix Contact",
"product": {
"product_data": [
{
"product_name": "BTP Touch Panel",
"version": {
"version_data": [
{
"version_name": "BTP 2043W (1050387)",
"version_affected": "=",
"version_value": "all versions",
"platform": ""
},
{
"version_name": "BTP 2070W (1046666)",
"version_affected": "=",
"version_value": "all versions",
"platform": ""
},
{
"version_name": "BTP 2102W (1046667)",
"version_affected": "=",
"version_value": "all versions",
"platform": ""
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption can be exploited to cause the Phoenix Contact HMIs BTP 2043W, BTP 2070W and BTP 2102W in all versions to become unresponsive and not accurately update the display content (Denial of Service)."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2020-047",
"name": "https://cert.vde.com/en-us/advisories/vde-2020-047"
}
]
},
"configuration": [],
"impact": {
"cvss": {
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}
},
"exploit": [],
"work_around": [
{
"lang": "eng",
"value": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on the recommendations for measures to protect network-capable devices, please refer to the Phoenix Contact application note: https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf"
}
],
"solution": [],
"credit": [
{
"lang": "eng",
"value": "This vulnerability was discovered by Richard Thomas and Tom Chothia of University of Birmingham."
}
]
}