All the vulnerabilites related to schneider-electric - sage_1430
cve-2024-37036
Vulnerability from cvelistv5
Published
2024-06-12 16:48
Modified
2024-08-02 03:43
Severity ?
EPSS score ?
Summary
CWE-787: Out-of-bounds Write vulnerability exists that could result in an authentication bypass
when sending a malformed POST request and particular configuration parameters are set.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Schneider Electric | Sage 1410 |
Version: Versions C3414-500-S02K5_P8 and prior |
||||||||||||||||||||
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:schneider_electric:sage_1410_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:schneider_electric:sage_1430_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:schneider_electric:sage_1450_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:schneider_electric:sage_2400_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:schneider_electric:sage_3030_magnum_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:schneider_electric:sage_4400_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sage_4400_firmware",
"vendor": "schneider_electric",
"versions": [
{
"lessThanOrEqual": "C3414-500-S02K5_P8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37036",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T17:43:17.841310Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T17:57:45.916Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.996Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Sage 1410",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 1430",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 1450",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 2400",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 3030 Magnum",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 4400",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\nCWE-787: Out-of-bounds Write vulnerability exists that could result in an authentication bypass\nwhen sending a malformed POST request and particular configuration parameters are set.\n\n\n\n"
}
],
"value": "CWE-787: Out-of-bounds Write vulnerability exists that could result in an authentication bypass\nwhen sending a malformed POST request and particular configuration parameters are set."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T16:48:09.163Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2024-37036",
"datePublished": "2024-06-12T16:48:09.163Z",
"dateReserved": "2024-05-31T06:52:05.762Z",
"dateUpdated": "2024-08-02T03:43:50.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-37039
Vulnerability from cvelistv5
Published
2024-06-12 16:54
Modified
2024-08-02 03:43
Severity ?
EPSS score ?
Summary
CWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the
device when an attacker sends a specially crafted HTTP request.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Schneider Electric | Sage 1410 |
Version: Versions C3414-500-S02K5_P8 and prior |
||||||||||||||||||||
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:schneider-electric:sage_3030_magnum:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_1410:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_1430:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_1450:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_2400:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_4400:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "sage_4400",
"vendor": "schneider-electric",
"versions": [
{
"lessThanOrEqual": "c3414-500-s02k5_p8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37039",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T18:24:08.466465Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T18:33:50.964Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.886Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Sage 1410",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 1430",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 1450",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 2400",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 3030 Magnum",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 4400",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\n\n\n\n\n\nCWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the\ndevice when an attacker sends a specially crafted HTTP request.\n\n\n\n\n\n\n\n\n\n"
}
],
"value": "CWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the\ndevice when an attacker sends a specially crafted HTTP request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-252",
"description": "CWE-252 Unchecked Return Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T16:54:23.117Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2024-37039",
"datePublished": "2024-06-12T16:54:23.117Z",
"dateReserved": "2024-05-31T06:52:05.762Z",
"dateUpdated": "2024-08-02T03:43:50.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-6485
Vulnerability from cvelistv5
Published
2016-03-12 02:00
Modified
2024-08-06 07:22
Severity ?
EPSS score ?
Summary
Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2, allow remote attackers to obtain sensitive information from device memory by reading a padding field of an Ethernet packet.
References
| ▼ | URL | Tags |
|---|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-16-070-01 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:22:22.025Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-070-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-03-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2, allow remote attackers to obtain sensitive information from device memory by reading a padding field of an Ethernet packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-03-12T02:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-070-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-6485",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2, allow remote attackers to obtain sensitive information from device memory by reading a padding field of an Ethernet packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-070-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-070-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2015-6485",
"datePublished": "2016-03-12T02:00:00",
"dateReserved": "2015-08-17T00:00:00",
"dateUpdated": "2024-08-06T07:22:22.025Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-5560
Vulnerability from cvelistv5
Published
2024-06-12 16:45
Modified
2024-08-01 21:18
Severity ?
EPSS score ?
Summary
CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the
device’s web interface when an attacker sends a specially crafted HTTP request.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Schneider Electric | Sage 1410 |
Version: Versions C3414-500-S02K5_P8 and prior |
||||||||||||||||||||
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:schneider-electric:sage_3030_magnum:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_1410:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_1430:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_1450:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_2400:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_4400:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "sage_4400",
"vendor": "schneider-electric",
"versions": [
{
"lessThanOrEqual": "c3414-500-s02k5_p8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5560",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T18:30:24.462387Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T18:32:10.472Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:18:06.538Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Sage 1410",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 1430",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 1450",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 2400",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 3030 Magnum",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 4400",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nCWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the\ndevice\u2019s web interface when an attacker sends a specially crafted HTTP request.\n\n"
}
],
"value": "CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the\ndevice\u2019s web interface when an attacker sends a specially crafted HTTP request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T16:45:56.256Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2024-5560",
"datePublished": "2024-06-12T16:45:56.256Z",
"dateReserved": "2024-05-31T06:58:55.638Z",
"dateUpdated": "2024-08-01T21:18:06.538Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-3963
Vulnerability from cvelistv5
Published
2015-08-04 01:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/75302 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1032730 | vdb-entry, x_refsource_SECTRACK | |
| http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01 | x_refsource_CONFIRM | |
| https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01A | x_refsource_MISC | |
| http://www.securitytracker.com/id/1033181 | vdb-entry, x_refsource_SECTRACK | |
| https://security.netapp.com/advisory/ntap-20160324-0001/ | x_refsource_CONFIRM | |
| https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:01.028Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "75302",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75302"
},
{
"name": "1032730",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032730"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01A"
},
{
"name": "1033181",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033181"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20160324-0001/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-09T10:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "75302",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75302"
},
{
"name": "1032730",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032730"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01A"
},
{
"name": "1033181",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033181"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20160324-0001/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-3963",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75302",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75302"
},
{
"name": "1032730",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032730"
},
{
"name": "http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01",
"refsource": "CONFIRM",
"url": "http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01A",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01A"
},
{
"name": "1033181",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033181"
},
{
"name": "https://security.netapp.com/advisory/ntap-20160324-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20160324-0001/"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2015-3963",
"datePublished": "2015-08-04T01:00:00",
"dateReserved": "2015-05-12T00:00:00",
"dateUpdated": "2024-08-06T06:04:01.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-37037
Vulnerability from cvelistv5
Published
2024-06-12 16:50
Modified
2024-08-02 03:43
Severity ?
EPSS score ?
Summary
CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path
Traversal’) vulnerability exists that could allow an authenticated user with access to the device’s
web interface to corrupt files and impact device functionality when sending a crafted HTTP
request.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Schneider Electric | Sage 1410 |
Version: Versions C3414-500-S02K5_P8 and prior |
||||||||||||||||||||
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:schneider-electric:sage_3030_magnum:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_1410:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_1430:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_1450:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_2400:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_4400:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "sage_4400",
"vendor": "schneider-electric",
"versions": [
{
"lessThanOrEqual": "c3414-500-s02k5_p8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37037",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T18:28:51.967522Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T18:33:38.098Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.902Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Sage 1410",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 1430",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 1450",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 2400",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 3030 Magnum",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 4400",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\n\nCWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u2018Path\nTraversal\u2019) vulnerability exists that could allow an authenticated user with access to the device\u2019s\nweb interface to corrupt files and impact device functionality when sending a crafted HTTP\nrequest.\n\n\n\n\n\n"
}
],
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u2018Path\nTraversal\u2019) vulnerability exists that could allow an authenticated user with access to the device\u2019s\nweb interface to corrupt files and impact device functionality when sending a crafted HTTP\nrequest."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T16:50:09.159Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2024-37037",
"datePublished": "2024-06-12T16:50:09.159Z",
"dateReserved": "2024-05-31T06:52:05.762Z",
"dateUpdated": "2024-08-02T03:43:50.902Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-37038
Vulnerability from cvelistv5
Published
2024-06-12 16:51
Modified
2024-08-02 03:43
Severity ?
EPSS score ?
Summary
CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated
user with access to the device’s web interface to perform unauthorized file and firmware
uploads when crafting custom web requests.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Schneider Electric | Sage 1410 |
Version: Versions C3414-500-S02K5_P8 and prior |
||||||||||||||||||||
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:schneider_electric:sage_4400:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "sage_4400",
"vendor": "schneider_electric",
"versions": [
{
"lessThanOrEqual": "c3414-500-s02k5_p8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:schneider_electric:sage_1430:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "sage_1430",
"vendor": "schneider_electric",
"versions": [
{
"lessThanOrEqual": "c3414-500-s02k5_p8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:schneider_electric:sage_2400:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "sage_2400",
"vendor": "schneider_electric",
"versions": [
{
"lessThanOrEqual": "c3414-500-s02k5_p8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:schneider_electric:sage_3030m:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "sage_3030m",
"vendor": "schneider_electric",
"versions": [
{
"lessThanOrEqual": "c3414-500-s02k5_p8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:schneider_electric:sage_1410:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "sage_1410",
"vendor": "schneider_electric",
"versions": [
{
"lessThanOrEqual": "c3414-500-s02k5_p8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:schneider_electric:sage_1450:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "sage_1450",
"vendor": "schneider_electric",
"versions": [
{
"lessThanOrEqual": "c3414-500-s02k5_p8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37038",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T17:44:53.062764Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T17:54:11.618Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.738Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Sage 1410",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 1430",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 1450",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 2400",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 3030 Magnum",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 4400",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\n\n\n\nCWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated\nuser with access to the device\u2019s web interface to perform unauthorized file and firmware\nuploads when crafting custom web requests.\n\n\n\n\n\n\n\n"
}
],
"value": "CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated\nuser with access to the device\u2019s web interface to perform unauthorized file and firmware\nuploads when crafting custom web requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T16:51:55.800Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2024-37038",
"datePublished": "2024-06-12T16:51:55.800Z",
"dateReserved": "2024-05-31T06:52:05.762Z",
"dateUpdated": "2024-08-02T03:43:50.738Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-37040
Vulnerability from cvelistv5
Published
2024-06-12 16:56
Modified
2024-08-02 03:43
Severity ?
EPSS score ?
Summary
CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability
exists that could allow a user with access to the device’s web interface to cause a fault on the
device when sending a malformed HTTP request.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Schneider Electric | Sage 1410 |
Version: Versions C3414-500-S02K5_P8 and prior |
||||||||||||||||||||
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:schneider-electric:sage_3030_magnum:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_1410:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_1430:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_1450:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_2400:-:*:*:*:*:*:*:*",
"cpe:2.3:h:schneider-electric:sage_4400:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "sage_4400",
"vendor": "schneider-electric",
"versions": [
{
"lessThanOrEqual": "c3414-500-s02k5_p8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37040",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T18:27:09.666436Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T18:34:05.093Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.968Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Sage 1410",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 1430",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 1450",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 2400",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 3030 Magnum",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Sage 4400",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Versions C3414-500-S02K5_P8 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\n\n\n\n\n\n\n\nCWE-120: Buffer Copy without Checking Size of Input (\u2018Classic Buffer Overflow\u2019) vulnerability\nexists that could allow a user with access to the device\u2019s web interface to cause a fault on the\ndevice when sending a malformed HTTP request.\n\n\n\n\n\n\n\n\n\n\n\n"
}
],
"value": "CWE-120: Buffer Copy without Checking Size of Input (\u2018Classic Buffer Overflow\u2019) vulnerability\nexists that could allow a user with access to the device\u2019s web interface to cause a fault on the\ndevice when sending a malformed HTTP request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T16:56:06.117Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2024-37040",
"datePublished": "2024-06-12T16:56:06.117Z",
"dateReserved": "2024-05-31T06:52:05.762Z",
"dateUpdated": "2024-08-02T03:43:50.968Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2015-08-04 01:59
Modified
2024-11-21 02:30
Severity ?
Summary
Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| windriver | vxworks | * | |
| windriver | vxworks | * | |
| windriver | vxworks | * | |
| windriver | vxworks | * | |
| windriver | vxworks | 6.6.3 | |
| windriver | vxworks | 6.6.4 | |
| windriver | vxworks | 6.6.4.1 | |
| windriver | vxworks | 7.0 | |
| schneider-electric | sage_1210 | - | |
| schneider-electric | sage_1230 | - | |
| schneider-electric | sage_1250 | - | |
| schneider-electric | sage_1310 | - | |
| schneider-electric | sage_1330 | - | |
| schneider-electric | sage_1350 | - | |
| schneider-electric | sage_1410 | - | |
| schneider-electric | sage_1430 | - | |
| schneider-electric | sage_1450 | - | |
| schneider-electric | sage_2200 | - | |
| schneider-electric | sage_2400 | - | |
| schneider-electric | sage_3030 | - | |
| schneider-electric | sage_3030_magnum | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F8C5727-B863-4B2D-896B-B079CC49FEBA",
"versionEndIncluding": "6.6",
"versionStartIncluding": "6.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12D324CD-4AAD-484B-BC8D-B0C7A76FC556",
"versionEndExcluding": "6.7.1.1",
"versionStartIncluding": "6.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E97899-D5E5-4C4D-A553-B15F1DD31041",
"versionEndExcluding": "6.8.3",
"versionStartIncluding": "6.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1DE1FEF-4519-45F6-867D-5248A6B4753C",
"versionEndExcluding": "6.9.4.4",
"versionStartIncluding": "6.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:vxworks:6.6.3:*:*:*:cert:*:*:*",
"matchCriteriaId": "ABFC811A-A440-464A-B5C8-1DB9DEAEEAF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:vxworks:6.6.4:*:*:*:cert:*:*:*",
"matchCriteriaId": "A048ED68-46C5-49B3-9A8E-12F90CE1B6FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:vxworks:6.6.4.1:*:*:*:cert:*:*:*",
"matchCriteriaId": "44AE1224-EFE0-4BA9-8250-1C4BB2F37301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:vxworks:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D4810B35-06F6-4971-BE87-A30B1CF58AA0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A16A7B3E-0B50-4577-A27C-75422924226C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA1F2F1-F8C3-427B-AD6F-778AF0193996",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A95CFF8-563A-45B1-B038-E9DD1AB5C4D0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9592965-4A3B-4AD8-81F3-EDECC295B567",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1330:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEC4C5D0-DB9C-419A-B30B-62514DEDE901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D66C8C1-E611-47B1-B9CF-32689F86B392",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E606BD-92F8-4396-AD13-666D76E1E34D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97E29CCC-4E21-411E-80DD-545A66E9B042",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66759867-027F-4FA6-ABA6-BFDEE49E8F8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82032E41-EE2D-4DC4-8420-6BFE92593061",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_2400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA561E2A-4787-48D7-ABBB-26D0D7D24E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_3030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88F83471-9806-4169-937E-27BDF3FC5A57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_3030_magnum:-:*:*:*:*:*:*:*",
"matchCriteriaId": "453696F2-0F4C-4000-A438-F814D0FC3504",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value."
},
{
"lang": "es",
"value": "Vulnerabilidad en Wind River VxWorks en versiones anteriores a 5.5.1, 6.5.x hasta la versi\u00f3n 6.7.x en versiones anteriores a 6.7.1.1, 6.8.x hasta la versi\u00f3n 6.8.3, 6.9.x en versiones anteriores a 6.9.4.4 y 7.x en versiones anteriores a 7 ipnet_coreip 1.2.2.0, tal como se utiliza en dispositivos Schneider Electric SAGE RTU en versiones anteriores a J2 y otros dispositivos, no genera correctamente valores del n\u00famero inicial de secuencia (ISN) de TCP, lo que hace que sea m\u00e1s f\u00e1cil para los atacantes remotos falsificar las sesiones TCP al predecir un valor ISN."
}
],
"id": "CVE-2015-3963",
"lastModified": "2024-11-21T02:30:09.507",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-08-04T01:59:07.357",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75302"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032730"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033181"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01A"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20160324-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032730"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01A"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20160324-0001/"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-12 17:15
Modified
2024-11-21 09:23
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
CWE-787: Out-of-bounds Write vulnerability exists that could result in an authentication bypass
when sending a malformed POST request and particular configuration parameters are set.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:sage_rtu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3A29B28-4959-4156-B77A-5D38B896029B",
"versionEndIncluding": "c3414-500-s02k5_p8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E606BD-92F8-4396-AD13-666D76E1E34D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97E29CCC-4E21-411E-80DD-545A66E9B042",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66759867-027F-4FA6-ABA6-BFDEE49E8F8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_2400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA561E2A-4787-48D7-ABBB-26D0D7D24E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_3030_magnum:-:*:*:*:*:*:*:*",
"matchCriteriaId": "453696F2-0F4C-4000-A438-F814D0FC3504",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_4400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6462B366-8F9F-49D6-939A-E73C1D5A707C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CWE-787: Out-of-bounds Write vulnerability exists that could result in an authentication bypass\nwhen sending a malformed POST request and particular configuration parameters are set."
},
{
"lang": "es",
"value": "CWE-787: Existe una vulnerabilidad de escritura fuera de los l\u00edmites que podr\u00eda provocar una omisi\u00f3n de autenticaci\u00f3n al enviar una solicitud POST con formato incorrecto y se establecen par\u00e1metros de configuraci\u00f3n particulares."
}
],
"id": "CVE-2024-37036",
"lastModified": "2024-11-21T09:23:05.510",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "cybersecurity@se.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-12T17:15:50.637",
"references": [
{
"source": "cybersecurity@se.com",
"tags": [
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
}
],
"sourceIdentifier": "cybersecurity@se.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "cybersecurity@se.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-12 17:15
Modified
2024-11-21 09:23
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path
Traversal’) vulnerability exists that could allow an authenticated user with access to the device’s
web interface to corrupt files and impact device functionality when sending a crafted HTTP
request.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:sage_rtu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4DDD3DD-576C-404E-A132-D1357936A610",
"versionEndExcluding": "c3414-500-s02k5_p9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E606BD-92F8-4396-AD13-666D76E1E34D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97E29CCC-4E21-411E-80DD-545A66E9B042",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66759867-027F-4FA6-ABA6-BFDEE49E8F8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_2400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA561E2A-4787-48D7-ABBB-26D0D7D24E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_3030_magnum:-:*:*:*:*:*:*:*",
"matchCriteriaId": "453696F2-0F4C-4000-A438-F814D0FC3504",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_4400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6462B366-8F9F-49D6-939A-E73C1D5A707C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u2018Path\nTraversal\u2019) vulnerability exists that could allow an authenticated user with access to the device\u2019s\nweb interface to corrupt files and impact device functionality when sending a crafted HTTP\nrequest."
},
{
"lang": "es",
"value": "CWE-22: Existe una vulnerabilidad de limitaci\u00f3n inadecuada de un nombre de ruta a un directorio restringido (\"Path Traversal\") que podr\u00eda permitir que un usuario autenticado con acceso a la interfaz web del dispositivo corrompa archivos y afecte la funcionalidad del dispositivo al enviar una solicitud HTTP manipulada."
}
],
"id": "CVE-2024-37037",
"lastModified": "2024-11-21T09:23:05.690",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "cybersecurity@se.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-12T17:15:50.853",
"references": [
{
"source": "cybersecurity@se.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
}
],
"sourceIdentifier": "cybersecurity@se.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "cybersecurity@se.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-12 17:15
Modified
2024-11-21 09:23
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability
exists that could allow a user with access to the device’s web interface to cause a fault on the
device when sending a malformed HTTP request.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:sage_rtu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4DDD3DD-576C-404E-A132-D1357936A610",
"versionEndExcluding": "c3414-500-s02k5_p9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E606BD-92F8-4396-AD13-666D76E1E34D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97E29CCC-4E21-411E-80DD-545A66E9B042",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66759867-027F-4FA6-ABA6-BFDEE49E8F8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_2400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA561E2A-4787-48D7-ABBB-26D0D7D24E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_3030_magnum:-:*:*:*:*:*:*:*",
"matchCriteriaId": "453696F2-0F4C-4000-A438-F814D0FC3504",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_4400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6462B366-8F9F-49D6-939A-E73C1D5A707C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CWE-120: Buffer Copy without Checking Size of Input (\u2018Classic Buffer Overflow\u2019) vulnerability\nexists that could allow a user with access to the device\u2019s web interface to cause a fault on the\ndevice when sending a malformed HTTP request."
},
{
"lang": "es",
"value": "CWE-120: Existe una vulnerabilidad de copia de b\u00fafer sin verificar el tama\u00f1o de la entrada (\u0027desbordamiento de b\u00fafer cl\u00e1sico\u0027) que podr\u00eda permitir que un usuario con acceso a la interfaz web del dispositivo cause una falla en el dispositivo al enviar una solicitud HTTP con formato incorrecto."
}
],
"id": "CVE-2024-37040",
"lastModified": "2024-11-21T09:23:06.170",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "cybersecurity@se.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-12T17:15:51.540",
"references": [
{
"source": "cybersecurity@se.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
}
],
"sourceIdentifier": "cybersecurity@se.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "cybersecurity@se.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-12 17:15
Modified
2024-11-21 09:23
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated
user with access to the device’s web interface to perform unauthorized file and firmware
uploads when crafting custom web requests.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:sage_rtu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4DDD3DD-576C-404E-A132-D1357936A610",
"versionEndExcluding": "c3414-500-s02k5_p9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E606BD-92F8-4396-AD13-666D76E1E34D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97E29CCC-4E21-411E-80DD-545A66E9B042",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66759867-027F-4FA6-ABA6-BFDEE49E8F8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_2400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA561E2A-4787-48D7-ABBB-26D0D7D24E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_3030_magnum:-:*:*:*:*:*:*:*",
"matchCriteriaId": "453696F2-0F4C-4000-A438-F814D0FC3504",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_4400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6462B366-8F9F-49D6-939A-E73C1D5A707C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated\nuser with access to the device\u2019s web interface to perform unauthorized file and firmware\nuploads when crafting custom web requests."
},
{
"lang": "es",
"value": "CWE-276: Existe una vulnerabilidad de permisos predeterminados incorrectos que podr\u00eda permitir que un usuario autenticado con acceso a la interfaz web del dispositivo realice cargas de archivos y firmware no autorizadas al crear solicitudes web personalizadas."
}
],
"id": "CVE-2024-37038",
"lastModified": "2024-11-21T09:23:05.867",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "cybersecurity@se.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-12T17:15:51.080",
"references": [
{
"source": "cybersecurity@se.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
}
],
"sourceIdentifier": "cybersecurity@se.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "cybersecurity@se.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-03-12 02:59
Modified
2024-11-21 02:35
Severity ?
Summary
Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2, allow remote attackers to obtain sensitive information from device memory by reading a padding field of an Ethernet packet.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-16-070-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-16-070-01 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:telvent_rtu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62D26165-D236-4015-9BFC-FCB18D9C439E",
"versionEndIncluding": "c3414-500-s02j1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E606BD-92F8-4396-AD13-666D76E1E34D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97E29CCC-4E21-411E-80DD-545A66E9B042",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66759867-027F-4FA6-ABA6-BFDEE49E8F8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_2400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA561E2A-4787-48D7-ABBB-26D0D7D24E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_3030m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF675FF2-416A-43AA-9DCF-0661DE9B3505",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_landac_ii-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4892DAFA-A8E9-4714-B545-251A4EF4EAE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:sage_2300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C829F113-406B-4FFF-8413-7F3C1303C5DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:telvent_rtu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90797CBE-6CE0-4452-A4E5-AE3BEFBCE034",
"versionEndIncluding": "c3413-500-001d3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2, allow remote attackers to obtain sensitive information from device memory by reading a padding field of an Ethernet packet."
},
{
"lang": "es",
"value": "Schneider Electric Telvent Sage 2300 RTUs con firmware anterior a C3413-500-S01 y LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400 y Sage 3030M RTUs con firmware anterior a C3414-500-S02J2, permiten a atacantes remotos obtener informaci\u00f3n sensible de memoria del dispositivo leyendo un campo de relleno de un paquete Ethernet."
}
],
"id": "CVE-2015-6485",
"lastModified": "2024-11-21T02:35:03.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-03-12T02:59:00.113",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-070-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-070-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-12 17:15
Modified
2024-11-21 09:23
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
CWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the
device when an attacker sends a specially crafted HTTP request.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:sage_rtu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4DDD3DD-576C-404E-A132-D1357936A610",
"versionEndExcluding": "c3414-500-s02k5_p9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E606BD-92F8-4396-AD13-666D76E1E34D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97E29CCC-4E21-411E-80DD-545A66E9B042",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66759867-027F-4FA6-ABA6-BFDEE49E8F8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_2400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA561E2A-4787-48D7-ABBB-26D0D7D24E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_3030_magnum:-:*:*:*:*:*:*:*",
"matchCriteriaId": "453696F2-0F4C-4000-A438-F814D0FC3504",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_4400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6462B366-8F9F-49D6-939A-E73C1D5A707C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the\ndevice when an attacker sends a specially crafted HTTP request."
},
{
"lang": "es",
"value": "CWE-252: Existe una vulnerabilidad de valor de retorno no verificado que podr\u00eda causar denegaci\u00f3n de servicio del dispositivo cuando un atacante env\u00eda una solicitud HTTP especialmente manipulada."
}
],
"id": "CVE-2024-37039",
"lastModified": "2024-11-21T09:23:06.010",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "cybersecurity@se.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-12T17:15:51.313",
"references": [
{
"source": "cybersecurity@se.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
}
],
"sourceIdentifier": "cybersecurity@se.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-252"
}
],
"source": "cybersecurity@se.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-12 17:15
Modified
2024-11-21 09:47
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the
device’s web interface when an attacker sends a specially crafted HTTP request.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:sage_rtu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4DDD3DD-576C-404E-A132-D1357936A610",
"versionEndExcluding": "c3414-500-s02k5_p9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E606BD-92F8-4396-AD13-666D76E1E34D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97E29CCC-4E21-411E-80DD-545A66E9B042",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_1450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66759867-027F-4FA6-ABA6-BFDEE49E8F8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_2400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA561E2A-4787-48D7-ABBB-26D0D7D24E6F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_3030_magnum:-:*:*:*:*:*:*:*",
"matchCriteriaId": "453696F2-0F4C-4000-A438-F814D0FC3504",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:schneider-electric:sage_4400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6462B366-8F9F-49D6-939A-E73C1D5A707C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the\ndevice\u2019s web interface when an attacker sends a specially crafted HTTP request."
},
{
"lang": "es",
"value": "CWE-125: Existe una vulnerabilidad de lectura fuera de los l\u00edmites que podr\u00eda causar denegaci\u00f3n de servicio de la interfaz web del dispositivo cuando un atacante env\u00eda una solicitud HTTP especialmente manipulada."
}
],
"id": "CVE-2024-5560",
"lastModified": "2024-11-21T09:47:55.983",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "cybersecurity@se.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-12T17:15:52.357",
"references": [
{
"source": "cybersecurity@se.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-163-05.pdf"
}
],
"sourceIdentifier": "cybersecurity@se.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "cybersecurity@se.com",
"type": "Primary"
}
]
}