mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-31 18:51:16 +00:00
64 lines
2.8 KiB
JSON
64 lines
2.8 KiB
JSON
{
|
|
"id": "CVE-2023-52891",
|
|
"sourceIdentifier": "productcert@siemens.com",
|
|
"published": "2024-07-09T12:15:11.263",
|
|
"lastModified": "2024-11-21T08:40:48.800",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.5), SIMATIC Energy Manager PRO (All versions < V7.5), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMIT V10 (All versions), SIMIT V11 (All versions < V11.1). Unified Automation .NET based OPC UA Server SDK before 3.2.2 used in Siemens products are affected by a similar vulnerability as documented in CVE-2023-27321 for the OPC Foundation UA .NET Standard implementation. A successful attack may lead to high load situation and memory exhaustion, and may block the server."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Se ha identificado una vulnerabilidad en SIMATIC Energy Manager Basic (todas las versiones < V7.5), SIMATIC Energy Manager PRO (todas las versiones < V7.5), SIMATIC IPC DiagBase (todas las versiones), SIMATIC IPC DiagMonitor (todas las versiones), SIMIT V10 (Todas las versiones), SIMIT V11 (Todas las versiones < V11.1). El SDK del servidor OPC UA basado en Unified Automation .NET anterior a 3.2.2 utilizado en productos Siemens se ve afectado por una vulnerabilidad similar a la documentada en CVE-2023-27321 para la implementaci\u00f3n del est\u00e1ndar OPC Foundation UA .NET. Un ataque exitoso puede provocar una situaci\u00f3n de carga elevada y agotamiento de la memoria, y puede bloquear el servidor."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "productcert@siemens.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
|
|
"baseScore": 5.3,
|
|
"baseSeverity": "MEDIUM",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "LOW"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 1.4
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "productcert@siemens.com",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-1325"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://cert-portal.siemens.com/productcert/html/ssa-088132.html",
|
|
"source": "productcert@siemens.com"
|
|
},
|
|
{
|
|
"url": "https://cert-portal.siemens.com/productcert/html/ssa-088132.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |