mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-08 22:18:22 +00:00
299 lines
9.0 KiB
JSON
299 lines
9.0 KiB
JSON
{
|
|
"id": "CVE-2022-33939",
|
|
"sourceIdentifier": "vultures@jpcert.or.jp",
|
|
"published": "2022-08-16T08:15:07.477",
|
|
"lastModified": "2022-08-17T15:47:55.317",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CENTUM VP / CS 3000 controller FCS (CP31, CP33, CP345, CP401, and CP451) contains an issue in processing communication packets, which may lead to resource consumption. If this vulnerability is exploited, an attacker may cause a denial of service (DoS) condition in ADL communication by sending a specially crafted packet to the affected product."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "El controlador CENTUM VP / CS 3000 FCS (CP31, CP33, CP345, CP401 y CP451) contiene un problema en el procesamiento de paquetes de comunicaci\u00f3n, que puede conllevar a un consumo de recursos. Si es aprovechada esta vulnerabilidad, un atacante puede causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en la comunicaci\u00f3n ADL mediante el env\u00edo de un paquete especialmente dise\u00f1ado al producto afectado."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.5,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 3.6
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-400"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:yokogawa:centum_cs_3000_cp401_firmware:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "63BC221D-5F4B-40DE-932E-A411B92B99DA"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:yokogawa:centum_cs_3000_cp401:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E8511463-A9DC-477B-882F-1744C84A84B9"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:yokogawa:centum_cs_3000_cp451_firmware:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FB0CF365-F2FB-4161-B6CA-4B96A9C49E9F"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:yokogawa:centum_cs_3000_cp451:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "07C79653-8637-48BC-BAE8-65EA4AF2BC24"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:yokogawa:centum_cs_3000_cp33_firmware:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4D016D13-384F-44BF-BCE9-3877CB5578E3"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:yokogawa:centum_cs_3000_cp33:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "43CEE4DB-B0E6-4601-8928-118CB2090835"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:yokogawa:centum_cs_3000_cp345_firmware:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1BF734C4-21B3-4C37-9386-22FEE9B95839"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:yokogawa:centum_cs_3000_cp345:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0F43D403-E27E-4577-A706-610CCB524470"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:yokogawa:centum_cs_3000_cp31_firmware:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5DAC76A7-195B-41BA-8AAB-7367B107F42B"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:yokogawa:centum_cs_3000_cp31:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "13E46D17-1D1F-4E5C-9598-AD7704984D2B"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:yokogawa:centum_vp_3000_cp401_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "r4.01.00",
|
|
"versionEndIncluding": "r4.03.00",
|
|
"matchCriteriaId": "D5911D80-4209-451B-AD55-98FDD11DFEB9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:yokogawa:centum_vp_3000_cp401_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "r5.01.00",
|
|
"versionEndExcluding": "r5.04.78",
|
|
"matchCriteriaId": "618C10CD-59CE-4F7C-A772-B637881C0A76"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:yokogawa:centum_vp_3000_cp401_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "r6.01.00",
|
|
"versionEndExcluding": "r6.03.10",
|
|
"matchCriteriaId": "D9069454-D559-4480-ABDD-EAD86FF627D6"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:yokogawa:centum_vp_3000_cp401:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EC4DA9A9-5049-428E-BCFC-ADF44F1F4343"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:yokogawa:centum_vp_3000_cp451_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "r4.01.00",
|
|
"versionEndIncluding": "r4.03.00",
|
|
"matchCriteriaId": "7BA79528-86D3-49B8-AF88-D6158F8A6BB2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:yokogawa:centum_vp_3000_cp451_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "r5.01.00",
|
|
"versionEndExcluding": "r5.04.78",
|
|
"matchCriteriaId": "617524B6-A350-42B1-8727-6DAEBE24EE1C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:yokogawa:centum_vp_3000_cp451_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "r6.01.00",
|
|
"versionEndExcluding": "r6.03.10",
|
|
"matchCriteriaId": "C90D42A8-0A32-46F1-A76D-505ADC636AFC"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:yokogawa:centum_vp_3000_cp451:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "512E272E-29BE-48F0-A49E-AC870706010A"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://jvn.jp/vu/JVNVU94343729/index.html",
|
|
"source": "vultures@jpcert.or.jp",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://web-material3.yokogawa.com/1/33029/files/YSAR-22-0008-E.pdf",
|
|
"source": "vultures@jpcert.or.jp",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://web-material3.yokogawa.com/19/33029/files/YSAR-22-0008-J.pdf",
|
|
"source": "vultures@jpcert.or.jp",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |