mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
392 lines
14 KiB
JSON
392 lines
14 KiB
JSON
{
|
|
"id": "CVE-2018-7851",
|
|
"sourceIdentifier": "cybersecurity@se.com",
|
|
"published": "2019-05-22T20:29:01.853",
|
|
"lastModified": "2022-04-19T15:35:23.353",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-119: Buffer errors vulnerability exists in Modicon M580 with firmware prior to V2.50, Modicon M340 with firmware prior to V3.01, BMxCRA312xx with firmware prior to V2.40, All firmware versions of Modicon Premium and 140CRA312xxx when sending a specially crafted Modbus packet, which could cause a denial of service to the device that would force a restart to restore availability."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "CWE-119: Existe una vulnerabilidad de errores de b\u00fafer en Modicon M580 con firmware anterior a V2.50, Modicon M340 con firmware anterior a V3.01, BMxCRA312xx con firmware anterior a V2.40 y todas las versiones de firmware de Modicon Premium y 140CRA312xxx al enviar un paquete Modbus especialmente creado, que podr\u00eda generar una Denegaci\u00f3n de Servicio al dispositivo que forzar\u00eda un reinicio para restaurar la disponibilidad."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "LOW",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 6.5,
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
"exploitabilityScore": 2.8,
|
|
"impactScore": 3.6
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "SINGLE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 6.8
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.0,
|
|
"impactScore": 6.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-119"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"source": "cybersecurity@se.com",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-119"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:schneider-electric:m580_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "2.50",
|
|
"matchCriteriaId": "B538C424-0F99-4D98-AB1F-CFE9D07DA37B"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:bmeh582040:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4E6E5E62-BBA8-4370-A232-8E1196757C3E"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:bmeh582040c:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9C393EAE-D2A1-42BC-8CE8-2DCAC96EB769"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:bmeh584040:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E2A8BF9D-AFD1-4F19-A0DB-5EB6F343D890"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:bmeh584040c:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "63D48211-A734-4F98-A4D5-569268335757"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:bmeh586040:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "38D22DD5-677B-42E8-AE1F-11601D4BF110"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:bmeh586040c:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "79907FE7-B4B0-4732-9287-B7ED13115F6C"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:schneider-electric:m340_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "3.01",
|
|
"matchCriteriaId": "B8ED6BE5-14D0-4B3C-B00D-5274D9233247"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:bmxp341000:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A16F383D-5A23-4A71-B4D4-0701C5D6CB1B"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:bmxp341000h:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E0FE4485-1292-4367-8F67-17CD06360F31"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:bmxp342000:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5677FB24-CEAC-496B-8651-A78673643F02"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:bmxp3420102:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F4195AD2-3D59-454F-AEE0-FCDC91F87BAB"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:bmxp3420102cl:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "63653E5B-4381-4820-A30C-42B56B042F0E"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:bmxp342020:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "97EA66E9-1236-4422-A983-B6CE13A9D674"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:bmxp342020h:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "00C86BFA-3372-4DF9-98AB-92570D35B551"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:bmxp3420302:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "210ED39B-6F9B-4D82-B983-2E04C5A03B82"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:bmxp3420302cl:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9DD1411B-8672-46F8-9D84-7B0A884C16EF"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:bmxp3420302h:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B928B5AE-4BEB-40E2-801F-F72B5BEE1965"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:schneider-electric:bmx\\/e_cra_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "2.40",
|
|
"matchCriteriaId": "FB34942D-0DBD-43CB-847A-C5349EB9A92A"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:bmxcra31200:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "887930A9-2577-4E69-AB81-0C8582A13F34"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:bmxcra31210c:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "46150F0B-D3A6-44C4-94A1-448D1B4294EB"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:schneider-electric:modicon_premium_firmware:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "619CFD8D-9652-4AAB-AFC4-796B3F10F61F"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:modicon_premium:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F00936E2-E6EF-4ABF-8666-7D83BE424F42"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:schneider-electric:140cra312xxx_firmware:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BCE700BF-EEFD-4349-9B33-432281EA23BE"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:schneider-electric:140cra312xxx:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8CC7AABD-9260-4F6C-A6C9-AE738263F90A"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-10/",
|
|
"source": "cybersecurity@se.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |