admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-238xx/CVE-2024-23814.json
cad-safe-bot 627729c313 Auto-Update: 2025-03-02T03:00:19.570958+00:00
2025-03-02 03:03:52 +00:00

104 lines
7.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-23814",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-02-11T11:15:12.430",
"lastModified": "2025-02-11T11:15:12.430",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions < V3.0.0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V3.0.0). The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted messages targeting IP fragment re-assembly. This could allow an unauthenticated remote attacker to cause a temporary denial of service condition of the ICMP service, other communication services are not affected. Affected devices will resume normal operation after the attack terminates."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (Todas las versiones &lt; V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (Todas las versiones &lt; V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (Todas las versiones &lt; V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (Todas las versiones &lt; V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (Todas las versiones &lt; V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (Todas las versiones &lt; V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (Todas las versiones &lt; V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (Todas las versiones &lt; V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (Todas las versiones &lt; V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (Todas las versiones &lt; V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (Todas las versiones &lt; V3.0.0), iFeatures de SCALANCE WUB762-1 (6GK5762-1AJ00-2AA0) (Todas las versiones &lt; V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (Todas las versiones &lt; V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (Todas las versiones &lt; V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (Todas las versiones &lt; V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (Todas las versiones &lt; V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (Todas las versiones &lt; V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (Todas las versiones &lt; V3.0.0), SCALANCE WUM766-1 (EE. UU.) (6GK5766-1GE00-3DB0) (Todas las versiones &lt; V3.0.0). El servicio ICMP integrado de la pila de red de los dispositivos afectados puede verse obligado a agotar sus recursos de memoria disponibles al recibir mensajes especialmente manipulados que tengan como objetivo el reensamblado de fragmentos de IP. Esto podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio temporal del servicio ICMP; otros servicios de comunicaci\u00f3n no se ven afectados. Los dispositivos afectados reanudar\u00e1n su funcionamiento normal una vez que finalice el ataque."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-769027.html",
"source": "productcert@siemens.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink