Search criteria
4 vulnerabilities found for pluto2 by marel
VAR-201903-1013
Vulnerability from variot - Updated: 2023-12-18 12:43Systems using the Marel Food Processing Systems Pluto platform do not restrict remote access. Marel has created an update for Pluto-based applications. This update will restrict remote access by implementing SSH authentication. Marel is a supplier of advanced equipment, systems and services in the meat processing industry. A number of Marel unauthorized access vulnerabilities allow an attacker to exploit a vulnerability to access a system using the Pluto platform
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-1013",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "pluto2",
"scope": "eq",
"trust": 1.0,
"vendor": "marel",
"version": "1.0.0"
},
{
"model": "pluto1203",
"scope": "eq",
"trust": 1.0,
"vendor": "marel",
"version": "1.0"
},
{
"model": "pluto1203",
"scope": null,
"trust": 0.8,
"vendor": "marel",
"version": null
},
{
"model": "pluto2",
"scope": null,
"trust": 0.8,
"vendor": "marel",
"version": null
},
{
"model": "graders using pluto platform",
"scope": null,
"trust": 0.6,
"vendor": "marel",
"version": null
},
{
"model": "portioning machines using pluto platform",
"scope": null,
"trust": 0.6,
"vendor": "marel",
"version": null
},
{
"model": "flowline systems using pluto platform",
"scope": null,
"trust": 0.6,
"vendor": "marel",
"version": null
},
{
"model": "packing systems using pluto platform",
"scope": null,
"trust": 0.6,
"vendor": "marel",
"version": null
},
{
"model": "sensorx machines using pluto platform",
"scope": null,
"trust": 0.6,
"vendor": "marel",
"version": null
},
{
"model": "target batchers using pluto platform",
"scope": null,
"trust": 0.6,
"vendor": "marel",
"version": null
},
{
"model": "speedbatchers using pluto platform",
"scope": null,
"trust": 0.6,
"vendor": "marel",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pluto1203",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pluto2",
"version": "1.0.0"
}
],
"sources": [
{
"db": "IVD",
"id": "102248af-4c91-4f5e-8572-d64fc6fc06e9"
},
{
"db": "CNVD",
"id": "CNVD-2017-22832"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014417"
},
{
"db": "NVD",
"id": "CVE-2017-9626"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:marel:pluto2:1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:marel:pluto1203:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9626"
}
]
},
"cve": "CVE-2017-9626",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-9626",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-22832",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "102248af-4c91-4f5e-8572-d64fc6fc06e9",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-9626",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-9626",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2017-22832",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201903-1092",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "102248af-4c91-4f5e-8572-d64fc6fc06e9",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "102248af-4c91-4f5e-8572-d64fc6fc06e9"
},
{
"db": "CNVD",
"id": "CNVD-2017-22832"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014417"
},
{
"db": "NVD",
"id": "CVE-2017-9626"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1092"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Systems using the Marel Food Processing Systems Pluto platform do not restrict remote access. Marel has created an update for Pluto-based applications. This update will restrict remote access by implementing SSH authentication. Marel is a supplier of advanced equipment, systems and services in the meat processing industry. A number of Marel unauthorized access vulnerabilities allow an attacker to exploit a vulnerability to access a system using the Pluto platform",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9626"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014417"
},
{
"db": "CNVD",
"id": "CNVD-2017-22832"
},
{
"db": "IVD",
"id": "102248af-4c91-4f5e-8572-d64fc6fc06e9"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-9626",
"trust": 3.2
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-02B",
"trust": 2.4
},
{
"db": "CNVD",
"id": "CNVD-2017-22832",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1092",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014417",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-02A",
"trust": 0.6
},
{
"db": "IVD",
"id": "102248AF-4C91-4F5E-8572-D64FC6FC06E9",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "102248af-4c91-4f5e-8572-d64fc6fc06e9"
},
{
"db": "CNVD",
"id": "CNVD-2017-22832"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014417"
},
{
"db": "NVD",
"id": "CVE-2017-9626"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1092"
}
]
},
"id": "VAR-201903-1013",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "102248af-4c91-4f5e-8572-d64fc6fc06e9"
},
{
"db": "CNVD",
"id": "CNVD-2017-22832"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "102248af-4c91-4f5e-8572-d64fc6fc06e9"
},
{
"db": "CNVD",
"id": "CNVD-2017-22832"
}
]
},
"last_update_date": "2023-12-18T12:43:36.210000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://marel.com/"
},
{
"title": "Food Processing Systems Fixes for access control error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=90507"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014417"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1092"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-732",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014417"
},
{
"db": "NVD",
"id": "CVE-2017-9626"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-02b"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9626"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9626"
},
{
"trust": 0.6,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-02a"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-22832"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014417"
},
{
"db": "NVD",
"id": "CVE-2017-9626"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1092"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "102248af-4c91-4f5e-8572-d64fc6fc06e9"
},
{
"db": "CNVD",
"id": "CNVD-2017-22832"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014417"
},
{
"db": "NVD",
"id": "CVE-2017-9626"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1092"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-25T00:00:00",
"db": "IVD",
"id": "102248af-4c91-4f5e-8572-d64fc6fc06e9"
},
{
"date": "2017-08-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-22832"
},
{
"date": "2019-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014417"
},
{
"date": "2019-03-27T20:29:03.083000",
"db": "NVD",
"id": "CVE-2017-9626"
},
{
"date": "2019-03-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-1092"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-22832"
},
{
"date": "2019-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014417"
},
{
"date": "2019-10-09T23:30:43.237000",
"db": "NVD",
"id": "CVE-2017-9626"
},
{
"date": "2019-10-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-1092"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-1092"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marel Food Processing Systems Pluto Platform access control vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014417"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Access control error",
"sources": [
{
"db": "IVD",
"id": "102248af-4c91-4f5e-8572-d64fc6fc06e9"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1092"
}
],
"trust": 0.8
}
}
FKIE_CVE-2017-9626
Vulnerability from fkie_nvd - Published: 2019-03-27 20:29 - Updated: 2024-11-21 03:36
Severity ?
Summary
Systems using the Marel Food Processing Systems Pluto platform do not restrict remote access. Marel has created an update for Pluto-based applications. This update will restrict remote access by implementing SSH authentication.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-17-094-02B | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-17-094-02B | Third Party Advisory, US Government Resource |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:marel:pluto1203:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA541EA-7C77-436B-AF39-8A086652AC0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:marel:pluto2:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F78DC2-8AD7-4E74-B840-641953F66E00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Systems using the Marel Food Processing Systems Pluto platform do not restrict remote access. Marel has created an update for Pluto-based applications. This update will restrict remote access by implementing SSH authentication."
},
{
"lang": "es",
"value": "Los sistemas que emplean la plataforma Marel Food Processing Systems Pluto no restringen el acceso remoto. Marel ha creado una actualizaci\u00f3n para las aplicaciones basadas en Pluto. Esta actualizaci\u00f3n restringir\u00e1 el acceso remoto mediante la implementaci\u00f3n de la autenticaci\u00f3n SSH."
}
],
"id": "CVE-2017-9626",
"lastModified": "2024-11-21T03:36:32.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-27T20:29:03.083",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-094-02B"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-094-02B"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2017-9626 (GCVE-0-2017-9626)
Vulnerability from cvelistv5 – Published: 2019-03-27 19:35 – Updated: 2024-08-05 17:11
VLAI?
Summary
Systems using the Marel Food Processing Systems Pluto platform do not restrict remote access. Marel has created an update for Pluto-based applications. This update will restrict remote access by implementing SSH authentication.
Severity ?
No CVSS data available.
CWE
- CWE-284 - Improper Access Control CWE-284
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Marel | Marel Food Processing Systems Pluto platform |
Affected:
Graders using Pluto platform
Affected: Portioning Machines using Pluto platform Affected: Flowline systems using Pluto platform Affected: Packing systems using Pluto platform Affected: SensorX machines using Pluto platform Affected: Target Batchers using Pluto platform Affected: and SpeedBatchers using Pluto platform |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:11:02.498Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-094-02B"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Marel Food Processing Systems Pluto platform",
"vendor": "Marel",
"versions": [
{
"status": "affected",
"version": "Graders using Pluto platform"
},
{
"status": "affected",
"version": "Portioning Machines using Pluto platform"
},
{
"status": "affected",
"version": "Flowline systems using Pluto platform"
},
{
"status": "affected",
"version": "Packing systems using Pluto platform"
},
{
"status": "affected",
"version": "SensorX machines using Pluto platform"
},
{
"status": "affected",
"version": "Target Batchers using Pluto platform"
},
{
"status": "affected",
"version": "and SpeedBatchers using Pluto platform"
}
]
}
],
"datePublic": "2017-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Systems using the Marel Food Processing Systems Pluto platform do not restrict remote access. Marel has created an update for Pluto-based applications. This update will restrict remote access by implementing SSH authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-27T19:35:52",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-094-02B"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-9626",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Marel Food Processing Systems Pluto platform",
"version": {
"version_data": [
{
"version_value": "Graders using Pluto platform"
},
{
"version_value": "Portioning Machines using Pluto platform"
},
{
"version_value": "Flowline systems using Pluto platform"
},
{
"version_value": "Packing systems using Pluto platform"
},
{
"version_value": "SensorX machines using Pluto platform"
},
{
"version_value": "Target Batchers using Pluto platform"
},
{
"version_value": "and SpeedBatchers using Pluto platform"
}
]
}
}
]
},
"vendor_name": "Marel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Systems using the Marel Food Processing Systems Pluto platform do not restrict remote access. Marel has created an update for Pluto-based applications. This update will restrict remote access by implementing SSH authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-094-02B",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-094-02B"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-9626",
"datePublished": "2019-03-27T19:35:52",
"dateReserved": "2017-06-14T00:00:00",
"dateUpdated": "2024-08-05T17:11:02.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-9626 (GCVE-0-2017-9626)
Vulnerability from nvd – Published: 2019-03-27 19:35 – Updated: 2024-08-05 17:11
VLAI?
Summary
Systems using the Marel Food Processing Systems Pluto platform do not restrict remote access. Marel has created an update for Pluto-based applications. This update will restrict remote access by implementing SSH authentication.
Severity ?
No CVSS data available.
CWE
- CWE-284 - Improper Access Control CWE-284
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Marel | Marel Food Processing Systems Pluto platform |
Affected:
Graders using Pluto platform
Affected: Portioning Machines using Pluto platform Affected: Flowline systems using Pluto platform Affected: Packing systems using Pluto platform Affected: SensorX machines using Pluto platform Affected: Target Batchers using Pluto platform Affected: and SpeedBatchers using Pluto platform |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:11:02.498Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-094-02B"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Marel Food Processing Systems Pluto platform",
"vendor": "Marel",
"versions": [
{
"status": "affected",
"version": "Graders using Pluto platform"
},
{
"status": "affected",
"version": "Portioning Machines using Pluto platform"
},
{
"status": "affected",
"version": "Flowline systems using Pluto platform"
},
{
"status": "affected",
"version": "Packing systems using Pluto platform"
},
{
"status": "affected",
"version": "SensorX machines using Pluto platform"
},
{
"status": "affected",
"version": "Target Batchers using Pluto platform"
},
{
"status": "affected",
"version": "and SpeedBatchers using Pluto platform"
}
]
}
],
"datePublic": "2017-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Systems using the Marel Food Processing Systems Pluto platform do not restrict remote access. Marel has created an update for Pluto-based applications. This update will restrict remote access by implementing SSH authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-27T19:35:52",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-094-02B"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-9626",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Marel Food Processing Systems Pluto platform",
"version": {
"version_data": [
{
"version_value": "Graders using Pluto platform"
},
{
"version_value": "Portioning Machines using Pluto platform"
},
{
"version_value": "Flowline systems using Pluto platform"
},
{
"version_value": "Packing systems using Pluto platform"
},
{
"version_value": "SensorX machines using Pluto platform"
},
{
"version_value": "Target Batchers using Pluto platform"
},
{
"version_value": "and SpeedBatchers using Pluto platform"
}
]
}
}
]
},
"vendor_name": "Marel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Systems using the Marel Food Processing Systems Pluto platform do not restrict remote access. Marel has created an update for Pluto-based applications. This update will restrict remote access by implementing SSH authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-094-02B",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-094-02B"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-9626",
"datePublished": "2019-03-27T19:35:52",
"dateReserved": "2017-06-14T00:00:00",
"dateUpdated": "2024-08-05T17:11:02.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}