mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
148 lines
5.8 KiB
JSON
148 lines
5.8 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2024-8751",
|
|
"ASSIGNER": "psirt@sick.de",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability in the MSC800 allows an unauthenticated attacker to modify the product\u2019s IP\naddress over Sopas ET. \nThis can lead to Denial of Service. \nUsers are recommended to upgrade both\nMSC800 and MSC800 LFT to version V4.26 and S2.93.20 respectively which fixes this issue."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-306 Missing Authentication for Critical Function",
|
|
"cweId": "CWE-306"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "SICK AG",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "SICK MSC800",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "not down converted",
|
|
"x_cve_json_5_version_data": {
|
|
"versions": [
|
|
{
|
|
"lessThanOrEqual": "<=V4.25",
|
|
"status": "affected",
|
|
"version": "V1.0",
|
|
"versionType": "custom"
|
|
},
|
|
{
|
|
"lessThanOrEqual": "<=S2.93.19",
|
|
"status": "affected",
|
|
"version": "S1.0",
|
|
"versionType": "custom"
|
|
}
|
|
],
|
|
"defaultStatus": "affected"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://sick.com/psirt",
|
|
"refsource": "MISC",
|
|
"name": "https://sick.com/psirt"
|
|
},
|
|
{
|
|
"url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF",
|
|
"refsource": "MISC",
|
|
"name": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF"
|
|
},
|
|
{
|
|
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices",
|
|
"refsource": "MISC",
|
|
"name": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
|
|
},
|
|
{
|
|
"url": "https://www.first.org/cvss/calculator/3.1",
|
|
"refsource": "MISC",
|
|
"name": "https://www.first.org/cvss/calculator/3.1"
|
|
},
|
|
{
|
|
"url": "https://www.sick.com/.well-known/csaf/white/2024/",
|
|
"refsource": "MISC",
|
|
"name": "https://www.sick.com/.well-known/csaf/white/2024/"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "Vulnogram 0.2.0"
|
|
},
|
|
"source": {
|
|
"discovery": "INTERNAL"
|
|
},
|
|
"solution": [
|
|
{
|
|
"lang": "en",
|
|
"supportingMedia": [
|
|
{
|
|
"base64": false,
|
|
"type": "text/html",
|
|
"value": "Customers who use the version <=V4.25 are strongly recommended to upgrade to the latest\nrelease V4.26\n\n<br>"
|
|
}
|
|
],
|
|
"value": "Customers who use the version <=V4.25 are strongly recommended to upgrade to the latest\nrelease V4.26"
|
|
},
|
|
{
|
|
"lang": "en",
|
|
"supportingMedia": [
|
|
{
|
|
"base64": false,
|
|
"type": "text/html",
|
|
"value": "Customers who use the version <=S2.93.19 are strongly recommended to upgrade to the\nlatest release S2.93.20.\n\n<br>"
|
|
}
|
|
],
|
|
"value": "Customers who use the version <=S2.93.19 are strongly recommended to upgrade to the\nlatest release S2.93.20."
|
|
}
|
|
],
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"attackComplexity": "LOW",
|
|
"attackVector": "NETWORK",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.5,
|
|
"baseSeverity": "HIGH",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"privilegesRequired": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"userInteraction": "NONE",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"version": "3.1"
|
|
}
|
|
]
|
|
}
|
|
} |