{ "id": "CVE-2020-7486", "sourceIdentifier": "cybersecurity@se.com", "published": "2020-04-16T19:15:34.823", "lastModified": "2022-02-03T14:24:29.800", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause TCM modules to reset when under high network load in TCM v10.4.x and in system v10.3.x. This vulnerability was discovered and remediated in version v10.5.x on August 13, 2009. TCMs from v10.5.x and on will no longer exhibit this behavior." }, { "lang": "es", "value": "**VERSI\u00d3N NO COMPATIBLE CUANDO SE ASIGN\u00d3** Una vulnerabilidad podr\u00eda causar que los m\u00f3dulos TCM se restablezcan cuando se encuentren bajo una alta carga de red en TCM versi\u00f3n v10.4.x y en el system versi\u00f3n v10.3.x. Esta vulnerabilidad fue descubierta y corregida en la versi\u00f3n v10.5.x el 13 de agosto de 2009. Los TCM a partir de la versi\u00f3n v10.5.x ya no mostrar\u00e1n este comportamiento." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-400" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:schneider-electric:tricon_tcm_4351_firmware:10.3.x:*:*:*:*:*:*:*", "matchCriteriaId": "E790DC73-7F6F-452B-8B96-FCCD754518EB" }, { "vulnerable": true, "criteria": "cpe:2.3:o:schneider-electric:tricon_tcm_4351_firmware:10.4.x:*:*:*:*:*:*:*", "matchCriteriaId": "D4D61671-CD0D-40FF-BD87-A093C765E8DE" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:schneider-electric:tricon_tcm_4351:-:*:*:*:*:*:*:*", "matchCriteriaId": "2CA997CF-D574-4D1B-B71F-A0EBB31303DA" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:schneider-electric:tricon_tcm_4352_firmware:10.3.x:*:*:*:*:*:*:*", "matchCriteriaId": "57A739ED-A179-414E-B42A-34B68DC2A2B0" }, { "vulnerable": true, "criteria": "cpe:2.3:o:schneider-electric:tricon_tcm_4352_firmware:10.4.x:*:*:*:*:*:*:*", "matchCriteriaId": "5BC76821-5EF5-42E9-9456-5BE68A82C807" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:schneider-electric:tricon_tcm_4352:-:*:*:*:*:*:*:*", "matchCriteriaId": "1A965FF8-A474-447E-84AE-ED902B47A3A3" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:schneider-electric:tricon_tcm_4351a_firmware:10.3.x:*:*:*:*:*:*:*", "matchCriteriaId": "A031568A-CFD6-4C08-AFF6-4B98C886DC6B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:schneider-electric:tricon_tcm_4351a_firmware:10.4.x:*:*:*:*:*:*:*", "matchCriteriaId": "274D41C5-B915-4B51-9285-0B669A7BA9A7" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:schneider-electric:tricon_tcm_4351a:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D4D6502-A5D3-44A9-AF07-6717EADB98D0" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:schneider-electric:tricon_tcm_4351b_firmware:10.3.x:*:*:*:*:*:*:*", "matchCriteriaId": "99273E70-3A45-4BB1-88E6-B18E978A843E" }, { "vulnerable": true, "criteria": "cpe:2.3:o:schneider-electric:tricon_tcm_4351b_firmware:10.4.x:*:*:*:*:*:*:*", "matchCriteriaId": "63480CBF-C64A-40A4-B516-73F916192849" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:schneider-electric:tricon_tcm_4351b:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A46632D-151C-43D3-BFA3-72C87304AB8B" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:schneider-electric:tricon_tcm_4352a_firmware:10.3.x:*:*:*:*:*:*:*", "matchCriteriaId": "278D4E5E-8AE5-455E-96AA-600B3014E784" }, { "vulnerable": true, "criteria": "cpe:2.3:o:schneider-electric:tricon_tcm_4352a_firmware:10.4.x:*:*:*:*:*:*:*", "matchCriteriaId": "4C5124C7-B4FF-429C-B5CD-C733617C7F12" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:schneider-electric:tricon_tcm_4352a:-:*:*:*:*:*:*:*", "matchCriteriaId": "D4836B8C-1BEC-4076-928D-CBB403836BF2" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:schneider-electric:tricon_tcm_4352b_firmware:10.3.x:*:*:*:*:*:*:*", "matchCriteriaId": "7A1C7148-99BB-41CE-A8C5-73ECE290FDBD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:schneider-electric:tricon_tcm_4352b_firmware:10.4.x:*:*:*:*:*:*:*", "matchCriteriaId": "165FCAD0-AB79-4693-8C88-167C2941E887" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:schneider-electric:tricon_tcm_4352b:-:*:*:*:*:*:*:*", "matchCriteriaId": "89D4DE85-CC63-415C-9C07-8DE9C762AF3B" } ] } ] } ], "references": [ { "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01", "source": "cybersecurity@se.com", "tags": [ "Third Party Advisory", "US Government Resource" ] }, { "url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01", "source": "cybersecurity@se.com", "tags": [ "Vendor Advisory" ] } ] }