admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-45xx/CVE-2023-4518.json
cad-safe-bot 0ce074f21b Auto-Update: 2024-09-23T14:00:22.872816+00:00
2024-09-23 14:03:22 +00:00

230 lines
7.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-4518",
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"published": "2023-12-01T15:15:07.860",
"lastModified": "2024-09-23T13:15:04.467",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in the input validation of the GOOSE \nmessages where out of range values received and processed \nby the IED caused a reboot of the device. In order for an \nattacker to exploit the vulnerability, goose receiving blocks need \nto be configured."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad en la validaci\u00f3n de entrada de los mensajes GOOSE donde los valores fuera de rango recibidos y procesados por el IED provocaron un reinicio del dispositivo. Para que un atacante aproveche la vulnerabilidad, es necesario configurar los bloques receptores de ganso."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
]
},
{
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.2.0",
"versionEndExcluding": "2.2.2.6",
"matchCriteriaId": "1C4B7DA8-BA72-48E5-9E21-33FB1881E952"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.2.3",
"versionEndExcluding": "2.2.3.7",
"matchCriteriaId": "4949214C-03DE-489E-80E3-7DC4EFED7ACA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.2.4",
"versionEndExcluding": "2.2.4.4",
"matchCriteriaId": "53D9E635-5BDA-4383-9FE5-4AFA4148A5E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.2.5",
"versionEndExcluding": "2.2.5.6",
"matchCriteriaId": "64A83135-6909-4838-9429-1046CA824723"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hitachienergy:relion_670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADA98332-543F-48A7-B63C-B39F679D47F0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.2.4",
"versionEndExcluding": "2.2.4.4",
"matchCriteriaId": "612B2549-82F9-4B7F-BDBD-95A562BF1EAE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.2.5",
"versionEndExcluding": "2.2.5.6",
"matchCriteriaId": "DC7C5065-1CEC-44DC-BF01-16FC02390583"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A406AD0-38C5-4C32-AA88-AA45EE97C315"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8A74BD43-D925-483C-98F7-5F5C32D3B6F7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hitachienergy:relion_650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C658029-20F4-411A-B1FE-B4E07D590775"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.2.5",
"versionEndExcluding": "2.2.5.6",
"matchCriteriaId": "264C95EE-756F-434E-9FA1-DC7878CEEF61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5C50F4-CF04-4C13-868A-F7ECE49DE01B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:2.2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7025C2A4-698E-408C-9567-8759B638AB90"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hitachienergy:relion_sam600-io:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E73E9D1A-1DFE-4B7C-81F1-0809071A3DDB"
}
]
}
]
}
],
"references": [
{
"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000170&languageCode=en&Preview=true",
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink