All the vulnerabilites related to mitsubishielectric - q03\/04\/06\/13\/26udvcpu
cve-2019-13555
Vulnerability from cvelistv5
Published
2019-11-13 22:27
Modified
2024-08-04 23:57
Severity ?
EPSS score ?
Summary
In Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior, MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior, a remote attacker can cause the FTP service to enter a denial-of-service condition dependent on the timing at which a remote attacker connects to the FTP server on the above CPU modules.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.us-cert.gov/ics/advisories/icsa-19-311-01 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior. MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior. |
Version: Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior. MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior. |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:57:39.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-311-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior. MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior. MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior, MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior, a remote attacker can cause the FTP service to enter a denial-of-service condition dependent on the timing at which a remote attacker connects to the FTP server on the above CPU modules."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-13T22:27:22",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-311-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-13555",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior. MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior.",
"version": {
"version_data": [
{
"version_value": "Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior. MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior, MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior, a remote attacker can cause the FTP service to enter a denial-of-service condition dependent on the timing at which a remote attacker connects to the FTP server on the above CPU modules."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-311-01",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-311-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-13555",
"datePublished": "2019-11-13T22:27:22",
"dateReserved": "2019-07-11T00:00:00",
"dateUpdated": "2024-08-04T23:57:39.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2019-11-13 23:15
Modified
2024-11-21 04:25
Severity ?
Summary
In Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior, MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior, a remote attacker can cause the FTP service to enter a denial-of-service condition dependent on the timing at which a remote attacker connects to the FTP server on the above CPU modules.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.us-cert.gov/ics/advisories/icsa-19-311-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-19-311-01 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishielectric:q03\\/04\\/06\\/13\\/26udvcpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3FFA52F-3934-465F-B9E6-615ABE53DCE2",
"versionEndIncluding": "21081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishielectric:q03\\/04\\/06\\/13\\/26udvcpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BADFAFAD-D3A2-4802-BB8B-46340D3D9550",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishielectric:q04\\/06\\/13\\/26udpvcpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73DD8BA5-CFE9-4CE2-9FB4-03588EA7CE76",
"versionEndIncluding": "21081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishielectric:q04\\/06\\/13\\/26udpvcpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F44F9695-BD0E-48E8-B0B4-5BF6DF07B612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishielectric:q03udecpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C9E2B6C-0039-447A-8513-01D84C44AC06",
"versionEndIncluding": "21081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishielectric:q03udecpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "946DA26E-A6B2-46F6-BA81-A92133124823",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishielectric:q04\\/06\\/10\\/13\\/20\\/26\\/50\\/100udehcpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "092CBA40-1034-4E91-9576-01895AF686ED",
"versionEndIncluding": "21081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishielectric:q04\\/06\\/10\\/13\\/20\\/26\\/50\\/100udehcpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0C545FF-8695-4F1C-BAD7-EFF6731908D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishielectric:l02\\/06\\/26cpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF8CDCC-8A45-449B-84A7-417ADF536199",
"versionEndIncluding": "21101",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishielectric:l02\\/06\\/26cpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9358A26E-5619-429F-B446-D6F7E9914889",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishielectric:l26cpu-bt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33C33950-5B33-4315-88D9-4B8107847ECD",
"versionEndIncluding": "21101",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishielectric:l26cpu-bt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3966C103-5181-49E3-878F-A0AF9F1DBA76",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishielectric:l02\\/06\\/26cpu-p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BFAA052-A72F-401D-91BC-6D8276A11D6D",
"versionEndIncluding": "21101",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishielectric:l02\\/06\\/26cpu-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "069CB556-4AEB-43E0-91AC-1A69F2C833D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishielectric:l26cpu-pbt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F529865-DB4B-4A94-B950-79F01D92F7CB",
"versionEndIncluding": "21101",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishielectric:l26cpu-pbt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A60BE93D-B60D-4F45-ACD3-7B64C0C45D83",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishielectric:l02\\/06\\/26cpu-cm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CE2836-0F6F-4C78-A5EC-547E9409E31E",
"versionEndIncluding": "21101",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishielectric:l02\\/06\\/26cpu-cm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93AE7089-00AD-412A-82F5-892421130C18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishielectric:l26cpu-bt-cm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9A4ABB1-4BEA-474A-9215-968825B12B7A",
"versionEndIncluding": "21101",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishielectric:l26cpu-bt-cm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "553A2CEB-5528-4A9E-800E-D91E5A3C49AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior, MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior, a remote attacker can cause the FTP service to enter a denial-of-service condition dependent on the timing at which a remote attacker connects to the FTP server on the above CPU modules."
},
{
"lang": "es",
"value": "En Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: n\u00famero de serie 21081 y anterior, Q04/06/13/26UDPVCPU: n\u00famero de serie 21081 y anterior, y Q04/06/10/13/20/26/50/100UDEHCPU: n\u00famero de serie 21081 y anterior, MELSEC-L Series L02/06/26CPU, L26CPU-BT: n\u00famero de serie 21101 y anterior, L02/06/26CPU-P, L26CPU-PBT: n\u00famero de serie 21101 y anterior, y L02/06/26CPU-CM, L26CPU-BT-CM: n\u00famero de serie 21101 y anterior, un atacante remoto puede causar que el servicio FTP ingrese en una condici\u00f3n de denegaci\u00f3n de servicio dependiendo de la sincronizaci\u00f3n en la que un atacante remoto conecta con el Servidor FTP en los m\u00f3dulos de CPU anteriores."
}
],
"id": "CVE-2019-13555",
"lastModified": "2024-11-21T04:25:08.387",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-13T23:15:11.327",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-311-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-311-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-201911-1188
Vulnerability from variot
In Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior, MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior, a remote attacker can cause the FTP service to enter a denial-of-service condition dependent on the timing at which a remote attacker connects to the FTP server on the above CPU modules. Provided by Mitsubishi Electric Corporation MELSEC-Q series CPU Unit and MELSEC-L series CPU Unit FTP The server function has a resource exhaustion vulnerability (CWE-400) Exists. Of the product FTP Server function interferes with service operation (DoS) It may be in a state. This vulnerability information is used by developers for the purpose of disseminating to product users. JPCERT/CC To report to JPCERT/CC Coordinated with the developer.Of the product FTP Server function interferes with service operation (DoS) By becoming a state, FTP The client FTP You will not be able to connect to the server. According to the developer, the vulnerability affects FTP It is only a server function. The Mitsubishi Electric MELSEC-Q Series is a MELSEC-Q series programmable logic controller from Mitsubishi Electric Corporation of Japan. The Mitsubishi MELSEC-L Series is a MELSEC-L series programmable logic controller from Mitsubishi Corporation of Japan
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201911-1188",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "q03udecpu",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "21081"
},
{
"model": "q04\\/06\\/10\\/13\\/20\\/26\\/50\\/100udehcpu",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "21081"
},
{
"model": "l26cpu-pbt",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "21101"
},
{
"model": "l26cpu-bt",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "21101"
},
{
"model": "l02\\/06\\/26cpu-cm",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "21101"
},
{
"model": "l02\\/06\\/26cpu-p",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "21101"
},
{
"model": "q03\\/04\\/06\\/13\\/26udvcpu",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "21081"
},
{
"model": "l02\\/06\\/26cpu",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "21101"
},
{
"model": "q04\\/06\\/13\\/26udpvcpu",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "21081"
},
{
"model": "l26cpu-bt-cm",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "21101"
},
{
"model": "melsec-l series cpu unit",
"scope": "eq",
"trust": 0.8,
"vendor": "mitsubishi electric",
"version": "l02/06/26cpu"
},
{
"model": "melsec-l series cpu unit",
"scope": "lte",
"trust": 0.8,
"vendor": "mitsubishi electric",
"version": "l26cpu-bt ( top serial number 5 digits 21101 )"
},
{
"model": "melsec-l series cpu unit",
"scope": "eq",
"trust": 0.8,
"vendor": "mitsubishi electric",
"version": "l02/06/26cpu-cm"
},
{
"model": "melsec-l series cpu unit",
"scope": "lte",
"trust": 0.8,
"vendor": "mitsubishi electric",
"version": "l26cpu-bt-cm ( top serial number 5 digits 21101 )"
},
{
"model": "melsec-l series cpu unit",
"scope": "eq",
"trust": 0.8,
"vendor": "mitsubishi electric",
"version": "l02/06/26cpu-p"
},
{
"model": "melsec-l series cpu unit",
"scope": "lte",
"trust": 0.8,
"vendor": "mitsubishi electric",
"version": "l26cpu-pbt ( top serial number 5 digits 21101 )"
},
{
"model": "melsec-q series cpu unit",
"scope": "lte",
"trust": 0.8,
"vendor": "mitsubishi electric",
"version": "q03/04/06/13/26udvcpu ( top serial number 5 digits 21081 )"
},
{
"model": "melsec-q series cpu unit",
"scope": "eq",
"trust": 0.8,
"vendor": "mitsubishi electric",
"version": "q03udecpu"
},
{
"model": "melsec-q series cpu unit",
"scope": "lte",
"trust": 0.8,
"vendor": "mitsubishi electric",
"version": "q04/06/10/13/20/26/50/100udehcpu ( top serial number 5 digits 21081 )"
},
{
"model": "melsec-q series cpu unit",
"scope": "lte",
"trust": 0.8,
"vendor": "mitsubishi electric",
"version": "q04/06/13/26udpvcpu ( top serial number 5 digits 21081 )"
},
{
"model": "electric mitsubishi electric melsec-q series \u003c=q03/04/06/13/26udvcpu",
"scope": "eq",
"trust": 0.6,
"vendor": "mitsubishi",
"version": "21081"
},
{
"model": "electric mitsubishi electric melsec-q series \u003c=q04/06/13/26udpvcpu",
"scope": "eq",
"trust": 0.6,
"vendor": "mitsubishi",
"version": "21081"
},
{
"model": "electric mitsubishi electric melsec-q series \u003c=q03udecpu q04/06/10/13/20/26/50/100udehcpu",
"scope": "eq",
"trust": 0.6,
"vendor": "mitsubishi",
"version": "21081"
},
{
"model": "electric mitsubishi melsec-l series \u003c=l26cpu-bt",
"scope": "eq",
"trust": 0.6,
"vendor": "mitsubishi",
"version": "21101"
},
{
"model": "electric mitsubishi melsec-l series \u003c=l02/06/26cpu-p",
"scope": "eq",
"trust": 0.6,
"vendor": "mitsubishi",
"version": "21101"
},
{
"model": "electric mitsubishi melsec-l series \u003c=l26cpu-pbt",
"scope": "eq",
"trust": 0.6,
"vendor": "mitsubishi",
"version": "21101"
},
{
"model": "electric mitsubishi melsec-l series \u003c=l02/06/26cpu-cm",
"scope": "eq",
"trust": 0.6,
"vendor": "mitsubishi",
"version": "21101"
},
{
"model": "electric mitsubishi melsec-l series \u003c=l26cpu-bt-cm",
"scope": "eq",
"trust": 0.6,
"vendor": "mitsubishi",
"version": "21101"
},
{
"model": "electric mitsubishi melsec-l series \u003c=l02/06/26cpu",
"scope": "eq",
"trust": 0.6,
"vendor": "mitsubishi",
"version": "21101"
},
{
"model": "l26cpu-bt",
"scope": "eq",
"trust": 0.6,
"vendor": "mitsubishielectric",
"version": "21101"
},
{
"model": "l26cpu-bt",
"scope": "eq",
"trust": 0.6,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "l26cpu-pbt",
"scope": "eq",
"trust": 0.6,
"vendor": "mitsubishielectric",
"version": "21101"
},
{
"model": "q03udecpu",
"scope": "eq",
"trust": 0.6,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "q03udecpu",
"scope": "eq",
"trust": 0.6,
"vendor": "mitsubishielectric",
"version": "21081"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "q03 04 06 13 26udvcpu",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "l26cpu bt cm",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "q04 06 13 26udpvcpu",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "q03udecpu",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "q04 06 10 13 20 26 50 100udehcpu",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "l02 06 26cpu",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "l26cpu bt",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "l02 06 26cpu p",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "l26cpu pbt",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "l02 06 26cpu cm",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "00d06e5f-e8d7-433d-9e94-3ff51c3e39b6"
},
{
"db": "CNVD",
"id": "CNVD-2019-41428"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011686"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-424"
},
{
"db": "NVD",
"id": "CVE-2019-13555"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:q03\\/04\\/06\\/13\\/26udvcpu_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "21081",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:q03\\/04\\/06\\/13\\/26udvcpu:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:q04\\/06\\/13\\/26udpvcpu_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "21081",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:q04\\/06\\/13\\/26udpvcpu:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:q03udecpu_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "21081",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:q03udecpu:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:q04\\/06\\/10\\/13\\/20\\/26\\/50\\/100udehcpu_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "21081",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:q04\\/06\\/10\\/13\\/20\\/26\\/50\\/100udehcpu:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:l02\\/06\\/26cpu_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "21101",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:l02\\/06\\/26cpu:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:l26cpu-bt_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "21101",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:l26cpu-bt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:l02\\/06\\/26cpu-p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "21101",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:l02\\/06\\/26cpu-p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:l26cpu-pbt_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "21101",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:l26cpu-pbt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:l02\\/06\\/26cpu-cm_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "21101",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:l02\\/06\\/26cpu-cm:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:l26cpu-bt-cm_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "21101",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:l26cpu-bt-cm:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-13555"
}
]
},
"cve": "CVE-2019-13555",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "JPCERT/CC",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2019-011686",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2019-41428",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "00d06e5f-e8d7-433d-9e94-3ff51c3e39b6",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2019-13555",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "JPCERT/CC",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2019-011686",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-13555",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "JPCERT/CC",
"id": "JVNDB-2019-011686",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-41428",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201911-424",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "00d06e5f-e8d7-433d-9e94-3ff51c3e39b6",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-13555",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "00d06e5f-e8d7-433d-9e94-3ff51c3e39b6"
},
{
"db": "CNVD",
"id": "CNVD-2019-41428"
},
{
"db": "VULMON",
"id": "CVE-2019-13555"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011686"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-424"
},
{
"db": "NVD",
"id": "CVE-2019-13555"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior, MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior, a remote attacker can cause the FTP service to enter a denial-of-service condition dependent on the timing at which a remote attacker connects to the FTP server on the above CPU modules. Provided by Mitsubishi Electric Corporation MELSEC-Q series CPU Unit and MELSEC-L series CPU Unit FTP The server function has a resource exhaustion vulnerability (CWE-400) Exists. Of the product FTP Server function interferes with service operation (DoS) It may be in a state. This vulnerability information is used by developers for the purpose of disseminating to product users. JPCERT/CC To report to JPCERT/CC Coordinated with the developer.Of the product FTP Server function interferes with service operation (DoS) By becoming a state, FTP The client FTP You will not be able to connect to the server. According to the developer, the vulnerability affects FTP It is only a server function. The Mitsubishi Electric MELSEC-Q Series is a MELSEC-Q series programmable logic controller from Mitsubishi Electric Corporation of Japan. The Mitsubishi MELSEC-L Series is a MELSEC-L series programmable logic controller from Mitsubishi Corporation of Japan",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-13555"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011686"
},
{
"db": "CNVD",
"id": "CNVD-2019-41428"
},
{
"db": "IVD",
"id": "00d06e5f-e8d7-433d-9e94-3ff51c3e39b6"
},
{
"db": "VULMON",
"id": "CVE-2019-13555"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-13555",
"trust": 3.3
},
{
"db": "ICS CERT",
"id": "ICSA-19-311-01",
"trust": 3.1
},
{
"db": "CNVD",
"id": "CNVD-2019-41428",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201911-424",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU97094124",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011686",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2019.4209",
"trust": 0.6
},
{
"db": "IVD",
"id": "00D06E5F-E8D7-433D-9E94-3FF51C3E39B6",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2019-13555",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "00d06e5f-e8d7-433d-9e94-3ff51c3e39b6"
},
{
"db": "CNVD",
"id": "CNVD-2019-41428"
},
{
"db": "VULMON",
"id": "CVE-2019-13555"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011686"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-424"
},
{
"db": "NVD",
"id": "CVE-2019-13555"
}
]
},
"id": "VAR-201911-1188",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "00d06e5f-e8d7-433d-9e94-3ff51c3e39b6"
},
{
"db": "CNVD",
"id": "CNVD-2019-41428"
}
],
"trust": 1.7375
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "00d06e5f-e8d7-433d-9e94-3ff51c3e39b6"
},
{
"db": "CNVD",
"id": "CNVD-2019-41428"
}
]
},
"last_update_date": "2024-02-13T22:42:01.167000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MELSEC-Q\u30b7\u30ea\u30fc\u30baCPU\u3001\u304a\u3088\u3073MELSEC-L\u30b7\u30ea\u30fc\u30baCPU\u306b\u304a\u3051\u308bFTP\u30b5\u30fc\u30d0\u6a5f\u80fd\u306e\u8106\u5f31\u6027",
"trust": 0.8,
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2019-002.pdf"
},
{
"title": "Patch for Mitsubishi Electric MELSEC-Q Series and Mitsubishi MELSEC-L Series Resource Management Error Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/191107"
},
{
"title": "Mitsubishi Electric MELSEC-Q Series and MELSEC-L Series Remediation of resource management error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=103038"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-41428"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011686"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-424"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-13555"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-311-01"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13555"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-13555"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu97094124"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4209/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-41428"
},
{
"db": "VULMON",
"id": "CVE-2019-13555"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011686"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-424"
},
{
"db": "NVD",
"id": "CVE-2019-13555"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "00d06e5f-e8d7-433d-9e94-3ff51c3e39b6"
},
{
"db": "CNVD",
"id": "CNVD-2019-41428"
},
{
"db": "VULMON",
"id": "CVE-2019-13555"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011686"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-424"
},
{
"db": "NVD",
"id": "CVE-2019-13555"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-20T00:00:00",
"db": "IVD",
"id": "00d06e5f-e8d7-433d-9e94-3ff51c3e39b6"
},
{
"date": "2019-11-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-41428"
},
{
"date": "2019-11-13T00:00:00",
"db": "VULMON",
"id": "CVE-2019-13555"
},
{
"date": "2019-11-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-011686"
},
{
"date": "2019-11-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-424"
},
{
"date": "2019-11-13T23:15:11.327000",
"db": "NVD",
"id": "CVE-2019-13555"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-41428"
},
{
"date": "2019-11-18T00:00:00",
"db": "VULMON",
"id": "CVE-2019-13555"
},
{
"date": "2019-12-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-011686"
},
{
"date": "2019-11-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-424"
},
{
"date": "2019-11-18T16:32:18.323000",
"db": "NVD",
"id": "CVE-2019-13555"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-424"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Made by Mitsubishi Electric MELSEC-Q series CPU Unit and MELSEC-L series CPU Unit FTP Server function resource exhaustion vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-011686"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Resource management error",
"sources": [
{
"db": "IVD",
"id": "00d06e5f-e8d7-433d-9e94-3ff51c3e39b6"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-424"
}
],
"trust": 0.8
}
}