2023-07-25 20:00:33 +00:00


{
"id": "CVE-2023-3595",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-07-12T13:15:09.880",
"lastModified": "2023-07-25T19:55:53.177",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\nWhere this vulnerability exists in the Rockwell Automation 1756 EN2* and 1756 EN3* ControlLogix communication products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. This includes the ability to modify, deny, and exfiltrate data passing through the device.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2f_series_a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D4B3185-B776-46C4-B47F-CE48861A422B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2f_series_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97AC710F-97B3-47A1-86EC-3148A21F16B2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2f_series_b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7242493E-0B2A-4AF3-BF44-15D3D1DB0021"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2f_series_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA49358A-F76E-4DEC-994C-B988DE38BF7F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2f_series_c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48F83304-EF89-48A4-AA0E-EBD5AE5E46E5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2f_series_c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6E5B08F-BD0C-4B3F-9897-61C945981CC6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2t_series_a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E9CEA5-F039-484D-A234-1E3ADA352E32"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBB6A3C1-6419-4CDB-B7F5-57F20DA43C5A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2t_series_b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCF431D-0F13-4037-BBDF-4199B5860CCA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E9D2541-B0DB-4925-ACD6-FCC2A028FA4A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2t_series_c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B8DEC1-3980-49E0-82B1-275FD7870EC9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13581B79-89FF-42F0-93C1-CB77582E7303"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2t_series_d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88F147B7-96D5-4C52-AE8C-C5A24A103290"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F71090C1-36AD-4A1B-92B5-CB391593DF4B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2tr_series_a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94271569-D658-4F95-B9A6-2C1DB2647EB2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2tr_series_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4A8E21A-3826-497C-9F3D-6D9091AD7647"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2tr_series_b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAEF2D94-6224-4877-9169-E5B0DB3FAA25"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2tr_series_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8607CD0D-0EE7-41CF-8E00-C0F5C83646A8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2tr_series_c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB58AD4-EA1F-4106-ADD1-52EF2592B92C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2tr_series_c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D58BA41B-3859-4489-9C74-730C27B1EFF0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en3tr_series_a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE90B141-E680-4D15-8BCE-8D58909A3679"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en3tr_series_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4824C266-82B1-4B74-AF72-BFCEF0547023"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en3tr_series_b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01816E19-DF07-4A48-BC59-4A9918AE94FA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en3tr_series_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14CF3A11-7130-420A-B99E-8FADA7C23484"
}
]
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010",
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
]
}
]
}