admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-375xx/CVE-2023-37557.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

181 lines
6.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-37557",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-08-03T12:15:10.797",
"lastModified": "2023-08-08T15:43:40.077",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition."
},
{
"lang": "es",
"value": "Despu\u00e9s de una autenticaci\u00f3n exitosa como usuario en m\u00faltiples productos Codesys en m\u00faltiples versiones, solicitudes de comunicaci\u00f3n remota dise\u00f1adas espec\u00edficamente pueden hacer que el componente CmpAppBP sobrescriba un desbordamiento de b\u00fafer, lo que puede conducir a una condici\u00f3n de denegaci\u00f3n de servicio."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "info@cert.vde.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "info@cert.vde.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.0.0",
"matchCriteriaId": "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.0.0",
"matchCriteriaId": "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.0.0",
"matchCriteriaId": "74FE662F-5397-4CB7-9243-1E6ED0AAEC29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.0.0",
"matchCriteriaId": "8896E77C-EB29-4CB9-BC98-D5A34791A961"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.0.0",
"matchCriteriaId": "56101551-21ED-4409-9932-9EFA225AF20C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.0.0",
"matchCriteriaId": "C1239AA8-B094-4DA3-82B7-38F85B6C3940"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.0.0",
"matchCriteriaId": "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.0.0",
"matchCriteriaId": "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.0.0",
"matchCriteriaId": "C7995687-1BCD-454D-8546-52B80B5F22B0"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.19.20",
"matchCriteriaId": "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.19.20",
"matchCriteriaId": "297D8781-B331-40B2-BD34-0041A316D5C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.19.20",
"matchCriteriaId": "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.19.20",
"matchCriteriaId": "09CC9B78-B3B4-4D49-9F23-DC5C80D52588"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.19.20",
"matchCriteriaId": "ACDCB65A-1328-422D-99A0-1D0FFE9AC793"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.19.20",
"matchCriteriaId": "81E2FE85-347D-42DE-9360-D5DB79AAD085"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.19.20",
"matchCriteriaId": "A7DF2418-1EC1-4672-941E-098EBC9BDF4F"
}
]
}
]
}
],
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-019/",
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink