All the vulnerabilites related to siemens - simatic_rf185c
cve-2024-37992
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2024-09-10 15:08
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
5.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected devices does not properly handle the error in case of exceeding characters while setting SNMP leading to the restart of the application.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37992",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:04:53.594332Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:08:09.459Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF610R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF610R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF610R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF615R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF615R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF615R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R ARIB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R ARIB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R ARIB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF1140R",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF1170R",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF166C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF185C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF186C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF186CI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF188C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF188CI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF360R",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected devices does not properly handle the error in case of exceeding characters while setting SNMP leading to the restart of the application."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703: Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T09:36:37.300Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-37992",
"datePublished": "2024-09-10T09:36:37.300Z",
"dateReserved": "2024-06-11T08:32:52.183Z",
"dateUpdated": "2024-09-10T15:08:09.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-37991
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2024-09-10 15:09
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
6.0 (Medium) - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
6.0 (Medium) - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The service log files of the affected application can be accessed without proper authentication. This could allow an unauthenticated attacker to get access to sensitive information.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC Reader RF610R CMIIT |
Version: 0 < V4.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37991",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:09:26.404268Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:09:35.340Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF610R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF610R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF610R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF615R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF615R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF615R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R ARIB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R ARIB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R ARIB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF1140R",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF1170R",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF166C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF185C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF186C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF186CI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF188C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF188CI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF360R",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The service log files of the affected application can be accessed without proper authentication. This could allow an unauthenticated attacker to get access to sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T09:36:35.565Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-37991",
"datePublished": "2024-09-10T09:36:35.565Z",
"dateReserved": "2024-06-11T08:32:52.183Z",
"dateUpdated": "2024-09-10T15:09:35.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-37994
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2024-09-10 15:03
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected application contains a hidden configuration item to enable debug functionality. This could allow an attacker to gain insight into the internal configuration of the deployment.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC Reader RF610R CMIIT |
Version: 0 < V4.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37994",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:03:36.814417Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:03:52.417Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF610R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF610R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF610R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF615R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF615R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF615R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R ARIB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R ARIB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R ARIB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF1140R",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF1170R",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF166C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF185C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF186C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF186CI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF188C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF188CI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF360R",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected application contains a hidden configuration item to enable debug functionality. This could allow an attacker to gain insight into the internal configuration of the deployment."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-912",
"description": "CWE-912: Hidden Functionality",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T09:36:40.841Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-37994",
"datePublished": "2024-09-10T09:36:40.841Z",
"dateReserved": "2024-06-11T08:32:52.184Z",
"dateUpdated": "2024-09-10T15:03:52.417Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-37995
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2024-09-10 15:09
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected application improperly handles error while a faulty certificate upload leading to crashing of application. This vulnerability could allow an attacker to disclose sensitive information.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC Reader RF610R CMIIT |
Version: 0 < V4.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37995",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:08:52.987640Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:09:02.700Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF610R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF610R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF610R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF615R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF615R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF615R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R ARIB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R ARIB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R ARIB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF1140R",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF1170R",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF166C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF185C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF186C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF186CI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF188C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF188CI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF360R",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected application improperly handles error while a faulty certificate upload leading to crashing of application. This vulnerability could allow an attacker to disclose sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 2.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703: Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T09:36:42.714Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-37995",
"datePublished": "2024-09-10T09:36:42.714Z",
"dateReserved": "2024-06-11T08:32:52.184Z",
"dateUpdated": "2024-09-10T15:09:02.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-37993
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2024-09-10 15:04
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications do not authenticated the creation of Ajax2App instances. This could allow an unauthenticated attacker to cause a denial of service condition.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC Reader RF610R CMIIT |
Version: 0 < V4.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37993",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:04:12.477171Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:04:32.084Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF610R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF610R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF610R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF615R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF615R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF615R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R ARIB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R ARIB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R ARIB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF1140R",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF1170R",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF166C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF185C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF186C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF186CI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF188C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF188CI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF360R",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected applications do not authenticated the creation of Ajax2App instances. This could allow an unauthenticated attacker to cause a denial of service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T09:36:39.074Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-37993",
"datePublished": "2024-09-10T09:36:39.074Z",
"dateReserved": "2024-06-11T08:32:52.184Z",
"dateUpdated": "2024-09-10T15:04:32.084Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-3449
Vulnerability from cvelistv5
Published
2021-03-25 14:25
Modified
2024-09-17 03:43
Severity ?
EPSS score ?
Summary
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.openssl.org/news/secadv/20210325.txt | ||
| https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148 | ||
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd | vendor-advisory | |
| https://www.debian.org/security/2021/dsa-4875 | vendor-advisory | |
| http://www.openwall.com/lists/oss-security/2021/03/27/1 | mailing-list | |
| http://www.openwall.com/lists/oss-security/2021/03/27/2 | mailing-list | |
| http://www.openwall.com/lists/oss-security/2021/03/28/3 | mailing-list | |
| http://www.openwall.com/lists/oss-security/2021/03/28/4 | mailing-list | |
| https://security.gentoo.org/glsa/202103-03 | vendor-advisory | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/ | vendor-advisory | |
| https://www.oracle.com/security-alerts/cpuApr2021.html | ||
| https://www.tenable.com/security/tns-2021-10 | ||
| https://www.tenable.com/security/tns-2021-09 | ||
| https://security.netapp.com/advisory/ntap-20210513-0002/ | ||
| https://security.netapp.com/advisory/ntap-20210326-0006/ | ||
| https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc | ||
| https://www.tenable.com/security/tns-2021-06 | ||
| https://www.tenable.com/security/tns-2021-05 | ||
| https://kc.mcafee.com/corporate/index?page=content&id=SB10356 | ||
| https://www.oracle.com//security-alerts/cpujul2021.html | ||
| https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf | ||
| https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845 | ||
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013 | ||
| https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html | mailing-list | |
| https://www.oracle.com/security-alerts/cpuoct2021.html | ||
| https://www.oracle.com/security-alerts/cpuapr2022.html | ||
| https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf | ||
| https://www.oracle.com/security-alerts/cpujul2022.html | ||
| https://security.netapp.com/advisory/ntap-20240621-0006/ |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:53:17.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv/20210325.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148"
},
{
"name": "20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd"
},
{
"name": "DSA-4875",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4875"
},
{
"name": "[oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/03/27/1"
},
{
"name": "[oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/03/27/2"
},
{
"name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/03/28/3"
},
{
"name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/03/28/4"
},
{
"name": "GLSA-202103-03",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202103-03"
},
{
"name": "FEDORA-2021-cbf14ab8f9",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2021-10"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2021-09"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210513-0002/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210326-0006/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2021-06"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2021-05"
},
{
"tags": [
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10356"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845"
},
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013"
},
{
"name": "[debian-lts-announce] 20210831 [SECURITY] [DLA 2751-1] postgresql-9.6 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"status": "affected",
"version": "Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Peter K\u00e4stle (Nokia) and Samuel Sapalski (Nokia)"
}
],
"datePublic": "2021-03-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)."
}
],
"metrics": [
{
"other": {
"content": {
"lang": "eng",
"url": "https://www.openssl.org/policies/secpolicy.html#High",
"value": "High"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NULL pointer dereference",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T19:05:57.096577",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"url": "https://www.openssl.org/news/secadv/20210325.txt"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148"
},
{
"name": "20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd"
},
{
"name": "DSA-4875",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4875"
},
{
"name": "[oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/03/27/1"
},
{
"name": "[oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/03/27/2"
},
{
"name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/03/28/3"
},
{
"name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/03/28/4"
},
{
"name": "GLSA-202103-03",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202103-03"
},
{
"name": "FEDORA-2021-cbf14ab8f9",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"url": "https://www.tenable.com/security/tns-2021-10"
},
{
"url": "https://www.tenable.com/security/tns-2021-09"
},
{
"url": "https://security.netapp.com/advisory/ntap-20210513-0002/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20210326-0006/"
},
{
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc"
},
{
"url": "https://www.tenable.com/security/tns-2021-06"
},
{
"url": "https://www.tenable.com/security/tns-2021-05"
},
{
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10356"
},
{
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf"
},
{
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845"
},
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013"
},
{
"name": "[debian-lts-announce] 20210831 [SECURITY] [DLA 2751-1] postgresql-9.6 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
}
],
"title": "NULL pointer deref in signature_algorithms processing"
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2021-3449",
"datePublished": "2021-03-25T14:25:13.659307Z",
"dateReserved": "2021-03-17T00:00:00",
"dateUpdated": "2024-09-17T03:43:55.497Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-5391
Vulnerability from cvelistv5
Published
2018-09-06 21:00
Modified
2024-08-05 05:33
Severity ?
EPSS score ?
Summary
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2018:3540 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2785 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:3083 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2925 | vendor-advisory, x_refsource_REDHAT | |
| https://www.kb.cert.org/vuls/id/641765 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt | x_refsource_CONFIRM | |
| https://usn.ubuntu.com/3741-2/ | vendor-advisory, x_refsource_UBUNTU | |
| http://www.securitytracker.com/id/1041476 | vdb-entry, x_refsource_SECTRACK | |
| https://access.redhat.com/errata/RHSA-2018:3459 | vendor-advisory, x_refsource_REDHAT | |
| https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f | x_refsource_MISC | |
| https://access.redhat.com/errata/RHSA-2018:2933 | vendor-advisory, x_refsource_REDHAT | |
| https://usn.ubuntu.com/3740-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://usn.ubuntu.com/3741-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://access.redhat.com/errata/RHSA-2018:3590 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2948 | vendor-advisory, x_refsource_REDHAT | |
| https://usn.ubuntu.com/3742-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://usn.ubuntu.com/3740-1/ | vendor-advisory, x_refsource_UBUNTU | |
| http://www.securityfocus.com/bid/105108 | vdb-entry, x_refsource_BID | |
| https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html | mailing-list, x_refsource_MLIST | |
| https://usn.ubuntu.com/3742-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://access.redhat.com/errata/RHSA-2018:2924 | vendor-advisory, x_refsource_REDHAT | |
| https://www.debian.org/security/2018/dsa-4272 | vendor-advisory, x_refsource_DEBIAN | |
| https://access.redhat.com/errata/RHSA-2018:3586 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2846 | vendor-advisory, x_refsource_REDHAT | |
| http://www.securitytracker.com/id/1041637 | vdb-entry, x_refsource_SECTRACK | |
| https://access.redhat.com/errata/RHSA-2018:3096 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2791 | vendor-advisory, x_refsource_REDHAT | |
| https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html | mailing-list, x_refsource_MLIST | |
| https://security.netapp.com/advisory/ntap-20181003-0002/ | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2019/06/28/2 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2019/07/06/3 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2019/07/06/4 | mailing-list, x_refsource_MLIST | |
| https://support.f5.com/csp/article/K74374841?utm_source=f5support&%3Butm_medium=RSS | x_refsource_CONFIRM | |
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:33:44.368Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:3540",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3540"
},
{
"name": "RHSA-2018:2785",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2785"
},
{
"name": "RHSA-2018:3083",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3083"
},
{
"name": "RHSA-2018:2925",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2925"
},
{
"name": "VU#641765",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/641765"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt"
},
{
"name": "USN-3741-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3741-2/"
},
{
"name": "1041476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041476"
},
{
"name": "RHSA-2018:3459",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3459"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f"
},
{
"name": "RHSA-2018:2933",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2933"
},
{
"name": "USN-3740-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3740-2/"
},
{
"name": "USN-3741-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3741-1/"
},
{
"name": "RHSA-2018:3590",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3590"
},
{
"name": "RHSA-2018:2948",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"name": "USN-3742-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3742-2/"
},
{
"name": "USN-3740-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3740-1/"
},
{
"name": "105108",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105108"
},
{
"name": "[debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"
},
{
"name": "USN-3742-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3742-1/"
},
{
"name": "RHSA-2018:2924",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2924"
},
{
"name": "DSA-4272",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4272"
},
{
"name": "RHSA-2018:3586",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3586"
},
{
"name": "RHSA-2018:2846",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2846"
},
{
"name": "1041637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041637"
},
{
"name": "RHSA-2018:3096",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3096"
},
{
"name": "RHSA-2018:2791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2791"
},
{
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20181003-0002/"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K74374841?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kernel",
"vendor": "Linux",
"versions": [
{
"lessThan": "3.9*",
"status": "affected",
"version": "3.9",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to Juha-Matti Tilli (Aalto University, Department of Communications and Networking / Nokia Bell Labs) for reporting this vulnerability."
}
],
"datePublic": "2018-09-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-14T12:06:39",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "RHSA-2018:3540",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3540"
},
{
"name": "RHSA-2018:2785",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2785"
},
{
"name": "RHSA-2018:3083",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3083"
},
{
"name": "RHSA-2018:2925",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2925"
},
{
"name": "VU#641765",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/641765"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt"
},
{
"name": "USN-3741-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3741-2/"
},
{
"name": "1041476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041476"
},
{
"name": "RHSA-2018:3459",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3459"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f"
},
{
"name": "RHSA-2018:2933",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2933"
},
{
"name": "USN-3740-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3740-2/"
},
{
"name": "USN-3741-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3741-1/"
},
{
"name": "RHSA-2018:3590",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3590"
},
{
"name": "RHSA-2018:2948",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"name": "USN-3742-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3742-2/"
},
{
"name": "USN-3740-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3740-1/"
},
{
"name": "105108",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105108"
},
{
"name": "[debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"
},
{
"name": "USN-3742-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3742-1/"
},
{
"name": "RHSA-2018:2924",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2924"
},
{
"name": "DSA-4272",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4272"
},
{
"name": "RHSA-2018:3586",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3586"
},
{
"name": "RHSA-2018:2846",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2846"
},
{
"name": "1041637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041637"
},
{
"name": "RHSA-2018:3096",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3096"
},
{
"name": "RHSA-2018:2791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2791"
},
{
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20181003-0002/"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K74374841?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2018-5391",
"STATE": "PUBLIC",
"TITLE": "The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kernel",
"version": {
"version_data": [
{
"affected": "\u003e=",
"version_affected": "\u003e=",
"version_name": "3.9",
"version_value": "3.9"
}
]
}
}
]
},
"vendor_name": "Linux"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Thanks to Juha-Matti Tilli (Aalto University, Department of Communications and Networking / Nokia Bell Labs) for reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:3540",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3540"
},
{
"name": "RHSA-2018:2785",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2785"
},
{
"name": "RHSA-2018:3083",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3083"
},
{
"name": "RHSA-2018:2925",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2925"
},
{
"name": "VU#641765",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/641765"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt"
},
{
"name": "USN-3741-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3741-2/"
},
{
"name": "1041476",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041476"
},
{
"name": "RHSA-2018:3459",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3459"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f"
},
{
"name": "RHSA-2018:2933",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2933"
},
{
"name": "USN-3740-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3740-2/"
},
{
"name": "USN-3741-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3741-1/"
},
{
"name": "RHSA-2018:3590",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3590"
},
{
"name": "RHSA-2018:2948",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"name": "USN-3742-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3742-2/"
},
{
"name": "USN-3740-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3740-1/"
},
{
"name": "105108",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105108"
},
{
"name": "[debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"
},
{
"name": "USN-3742-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3742-1/"
},
{
"name": "RHSA-2018:2924",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2924"
},
{
"name": "DSA-4272",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4272"
},
{
"name": "RHSA-2018:3586",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3586"
},
{
"name": "RHSA-2018:2846",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2846"
},
{
"name": "1041637",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041637"
},
{
"name": "RHSA-2018:3096",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3096"
},
{
"name": "RHSA-2018:2791",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2791"
},
{
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20181003-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181003-0002/"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"name": "https://support.f5.com/csp/article/K74374841?utm_source=f5support\u0026amp;utm_medium=RSS",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K74374841?utm_source=f5support\u0026amp;utm_medium=RSS"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2018-5391",
"datePublished": "2018-09-06T21:00:00",
"dateReserved": "2018-01-12T00:00:00",
"dateUpdated": "2024-08-05T05:33:44.368Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-6568
Vulnerability from cvelistv5
Published
2019-04-17 13:40
Modified
2024-08-04 20:23
Severity ?
EPSS score ?
Summary
The webserver of the affected devices contains a vulnerability that may lead to
a denial of service condition. An attacker may cause a denial of service
situation which leads to a restart of the webserver of the affected device.
The security vulnerability could be exploited by an attacker with network
access to the affected systems. Successful exploitation requires no system
privileges and no user interaction. An attacker could use the vulnerability
to compromise availability of the device.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC CP 1604 |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:23:22.207Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1604",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1616",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 343-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1 OPC UA",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200pro IM154-8 PN/DP CPU",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200pro IM154-8F PN/DP CPU",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200pro IM154-8FX PN/DP CPU",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200S IM151-8 PN/DP CPU",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200S IM151-8F PN/DP CPU",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.1.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Upd4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Upd4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Upd4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC DiagMonitor",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.1.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF182C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF185C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.1.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF186C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.1.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF188C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.1.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF600R family",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RFID 181EIP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.6.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 Software Controller",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 314C-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 315-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 315F-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 315T-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 317-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 317F-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 317T-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 317TF-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 319-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-300 CPU 319F-3 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-PLCSIM Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.0 SP1 UPD1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Teleservice Adapter IE Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Teleservice Adapter IE Basic",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Teleservice Adapter IE Standard",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinAC RTX 2010",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2010 SP3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinAC RTX F 2010",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2010 SP3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Runtime Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Upd4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMOCODE pro V Ethernet/IP (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.1.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMOCODE pro V PROFINET (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.1.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G130 V4.6 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G130 V4.7 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G130 V4.7 SP1 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G130 V4.8 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.8 HF6"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G130 V5.1 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G130 V5.1 SP1 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.1 SP1 HF4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G150 V4.6 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G150 V4.7 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G150 V4.7 SP1 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G150 V4.8 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.8 HF6"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G150 V5.1 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS G150 V5.1 SP1 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.1 SP1 HF4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS GH150 V4.7 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS GH150 V4.8 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.8 SP2 HF9"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS GL150 V4.7 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS GL150 V4.8 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.8 SP2 HF9"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS GM150 V4.7 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS GM150 V4.8 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.8 SP2 HF9"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S120 V4.6 Control Unit (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S120 V4.7 SP1 Control Unit (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S120 V4.8 Control Unit (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.8 HF6"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S120 V5.1 Control Unit (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S120 V5.1 SP1 Control Unit (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.1 SP1 HF4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S150 V4.6 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S150 V4.7 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S150 V4.7 SP1 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S150 V4.8 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.8 HF6"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S150 V5.1 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S150 V5.1 SP1 Control Unit",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.1 SP1 HF4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S210",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.1 SP1 HF8"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS SL150 V4.7 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.7 HF33"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS SL150 V4.8 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS SM120 V4.7 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS SM120 V4.8 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.8 SP2 HF10"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS SM150 V4.8 (Control Unit)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200S IM151-8 PN/DP CPU",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200S IM151-8F PN/DP CPU",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 343-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 443-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 443-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-300 CPU 314C-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-300 CPU 315-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-300 CPU 315F-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-300 CPU 317-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-300 CPU 317F-2 PN/DP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.16"
}
]
},
{
"defaultStatus": "unknown",
"product": "SITOP Manager",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SITOP PSU8600",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.5"
}
]
},
{
"defaultStatus": "unknown",
"product": "SITOP UPS1600 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC (incl. SIPLUS NET variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The webserver of the affected devices contains a vulnerability that may lead to\r\na denial of service condition. An attacker may cause a denial of service\r\nsituation which leads to a restart of the webserver of the affected device.\r\n\r\nThe security vulnerability could be exploited by an attacker with network\r\naccess to the affected systems. Successful exploitation requires no system\r\nprivileges and no user interaction. An attacker could use the vulnerability\r\nto compromise availability of the device."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-09T11:51:03.049Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-6568",
"datePublished": "2019-04-17T13:40:24",
"dateReserved": "2019-01-22T00:00:00",
"dateUpdated": "2024-08-04T20:23:22.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-31340
Vulnerability from cvelistv5
Published
2021-06-08 19:47
Modified
2024-08-03 22:55
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC RF166C (All versions > V1.1 and < V1.3.2), SIMATIC RF185C (All versions > V1.1 and < V1.3.2), SIMATIC RF186C (All versions > V1.1 and < V1.3.2), SIMATIC RF186CI (All versions > V1.1 and < V1.3.2), SIMATIC RF188C (All versions > V1.1 and < V1.3.2), SIMATIC RF188CI (All versions > V1.1 and < V1.3.2), SIMATIC RF360R (All versions < V2.0), SIMATIC Reader RF610R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF610R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF610R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF615R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF615R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF615R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF650R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF650R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF680R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF680R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF685R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF685R FCC (All versions > V3.0 < V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC RF166C |
Version: All versions > V1.1 and < V1.3.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:55:53.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SIMATIC RF166C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V1.1 and \u003c V1.3.2"
}
]
},
{
"product": "SIMATIC RF185C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V1.1 and \u003c V1.3.2"
}
]
},
{
"product": "SIMATIC RF186C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V1.1 and \u003c V1.3.2"
}
]
},
{
"product": "SIMATIC RF186CI",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V1.1 and \u003c V1.3.2"
}
]
},
{
"product": "SIMATIC RF188C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V1.1 and \u003c V1.3.2"
}
]
},
{
"product": "SIMATIC RF188CI",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V1.1 and \u003c V1.3.2"
}
]
},
{
"product": "SIMATIC RF360R",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.0"
}
]
},
{
"product": "SIMATIC Reader RF610R CMIIT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V3.0 \u003c V4.0"
}
]
},
{
"product": "SIMATIC Reader RF610R ETSI",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V3.0 \u003c V4.0"
}
]
},
{
"product": "SIMATIC Reader RF610R FCC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V3.0 \u003c V4.0"
}
]
},
{
"product": "SIMATIC Reader RF615R CMIIT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V3.0 \u003c V4.0"
}
]
},
{
"product": "SIMATIC Reader RF615R ETSI",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V3.0 \u003c V4.0"
}
]
},
{
"product": "SIMATIC Reader RF615R FCC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V3.0 \u003c V4.0"
}
]
},
{
"product": "SIMATIC Reader RF650R ARIB",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V3.0 \u003c V4.0"
}
]
},
{
"product": "SIMATIC Reader RF650R CMIIT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V3.0 \u003c V4.0"
}
]
},
{
"product": "SIMATIC Reader RF650R ETSI",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V3.0 \u003c V4.0"
}
]
},
{
"product": "SIMATIC Reader RF650R FCC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V3.0 \u003c V4.0"
}
]
},
{
"product": "SIMATIC Reader RF680R ARIB",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V3.0 \u003c V4.0"
}
]
},
{
"product": "SIMATIC Reader RF680R CMIIT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V3.0 \u003c V4.0"
}
]
},
{
"product": "SIMATIC Reader RF680R ETSI",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V3.0 \u003c V4.0"
}
]
},
{
"product": "SIMATIC Reader RF680R FCC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V3.0 \u003c V4.0"
}
]
},
{
"product": "SIMATIC Reader RF685R ARIB",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V3.0 \u003c V4.0"
}
]
},
{
"product": "SIMATIC Reader RF685R CMIIT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V3.0 \u003c V4.0"
}
]
},
{
"product": "SIMATIC Reader RF685R ETSI",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V3.0 \u003c V4.0"
}
]
},
{
"product": "SIMATIC Reader RF685R FCC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e V3.0 \u003c V4.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC RF166C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF185C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF186C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF186CI (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF188C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF188CI (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF360R (All versions \u003c V2.0), SIMATIC Reader RF610R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF610R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF610R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF615R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF615R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF615R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R ARIB (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R ARIB (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R ARIB (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R FCC (All versions \u003e V3.0 \u003c V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-10T09:46:26",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-31340",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SIMATIC RF166C",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V1.1 and \u003c V1.3.2"
}
]
}
},
{
"product_name": "SIMATIC RF185C",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V1.1 and \u003c V1.3.2"
}
]
}
},
{
"product_name": "SIMATIC RF186C",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V1.1 and \u003c V1.3.2"
}
]
}
},
{
"product_name": "SIMATIC RF186CI",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V1.1 and \u003c V1.3.2"
}
]
}
},
{
"product_name": "SIMATIC RF188C",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V1.1 and \u003c V1.3.2"
}
]
}
},
{
"product_name": "SIMATIC RF188CI",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V1.1 and \u003c V1.3.2"
}
]
}
},
{
"product_name": "SIMATIC RF360R",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.0"
}
]
}
},
{
"product_name": "SIMATIC Reader RF610R CMIIT",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V3.0 \u003c V4.0"
}
]
}
},
{
"product_name": "SIMATIC Reader RF610R ETSI",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V3.0 \u003c V4.0"
}
]
}
},
{
"product_name": "SIMATIC Reader RF610R FCC",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V3.0 \u003c V4.0"
}
]
}
},
{
"product_name": "SIMATIC Reader RF615R CMIIT",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V3.0 \u003c V4.0"
}
]
}
},
{
"product_name": "SIMATIC Reader RF615R ETSI",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V3.0 \u003c V4.0"
}
]
}
},
{
"product_name": "SIMATIC Reader RF615R FCC",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V3.0 \u003c V4.0"
}
]
}
},
{
"product_name": "SIMATIC Reader RF650R ARIB",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V3.0 \u003c V4.0"
}
]
}
},
{
"product_name": "SIMATIC Reader RF650R CMIIT",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V3.0 \u003c V4.0"
}
]
}
},
{
"product_name": "SIMATIC Reader RF650R ETSI",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V3.0 \u003c V4.0"
}
]
}
},
{
"product_name": "SIMATIC Reader RF650R FCC",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V3.0 \u003c V4.0"
}
]
}
},
{
"product_name": "SIMATIC Reader RF680R ARIB",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V3.0 \u003c V4.0"
}
]
}
},
{
"product_name": "SIMATIC Reader RF680R CMIIT",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V3.0 \u003c V4.0"
}
]
}
},
{
"product_name": "SIMATIC Reader RF680R ETSI",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V3.0 \u003c V4.0"
}
]
}
},
{
"product_name": "SIMATIC Reader RF680R FCC",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V3.0 \u003c V4.0"
}
]
}
},
{
"product_name": "SIMATIC Reader RF685R ARIB",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V3.0 \u003c V4.0"
}
]
}
},
{
"product_name": "SIMATIC Reader RF685R CMIIT",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V3.0 \u003c V4.0"
}
]
}
},
{
"product_name": "SIMATIC Reader RF685R ETSI",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V3.0 \u003c V4.0"
}
]
}
},
{
"product_name": "SIMATIC Reader RF685R FCC",
"version": {
"version_data": [
{
"version_value": "All versions \u003e V3.0 \u003c V4.0"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC RF166C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF185C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF186C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF186CI (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF188C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF188CI (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF360R (All versions \u003c V2.0), SIMATIC Reader RF610R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF610R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF610R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF615R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF615R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF615R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R ARIB (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R ARIB (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R ARIB (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R FCC (All versions \u003e V3.0 \u003c V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-31340",
"datePublished": "2021-06-08T19:47:16",
"dateReserved": "2021-04-15T00:00:00",
"dateUpdated": "2024-08-03T22:55:53.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-37990
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2024-09-10 15:12
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
7.0 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
7.0 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications contain configuration files which can be modified. An attacker with privilege access can modify these files and enable features that are not released for this device.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC Reader RF610R CMIIT |
Version: 0 < V4.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37990",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:12:00.893655Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:12:10.308Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF610R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF610R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF610R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF615R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF615R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF615R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R ARIB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF650R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R ARIB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF680R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R ARIB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R CMIIT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R ETSI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Reader RF685R FCC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF1140R",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF1170R",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF166C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF185C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF186C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF186CI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF188C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF188CI",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC RF360R",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected applications contain configuration files which can be modified. An attacker with privilege access can modify these files and enable features that are not released for this device."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-912",
"description": "CWE-912: Hidden Functionality",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T09:36:33.772Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-37990",
"datePublished": "2024-09-10T09:36:33.772Z",
"dateReserved": "2024-06-11T08:32:52.183Z",
"dateUpdated": "2024-09-10T15:12:10.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2018-09-06 21:29
Modified
2024-11-21 04:08
Severity ?
Summary
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cret@cert.org | http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt | Third Party Advisory | |
| cret@cert.org | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en | Broken Link | |
| cret@cert.org | http://www.openwall.com/lists/oss-security/2019/06/28/2 | Mailing List, Third Party Advisory | |
| cret@cert.org | http://www.openwall.com/lists/oss-security/2019/07/06/3 | Mailing List, Third Party Advisory | |
| cret@cert.org | http://www.openwall.com/lists/oss-security/2019/07/06/4 | Mailing List, Third Party Advisory | |
| cret@cert.org | http://www.securityfocus.com/bid/105108 | Third Party Advisory, VDB Entry | |
| cret@cert.org | http://www.securitytracker.com/id/1041476 | Third Party Advisory, VDB Entry | |
| cret@cert.org | http://www.securitytracker.com/id/1041637 | Third Party Advisory, VDB Entry | |
| cret@cert.org | https://access.redhat.com/errata/RHSA-2018:2785 | Third Party Advisory | |
| cret@cert.org | https://access.redhat.com/errata/RHSA-2018:2791 | Third Party Advisory | |
| cret@cert.org | https://access.redhat.com/errata/RHSA-2018:2846 | Third Party Advisory | |
| cret@cert.org | https://access.redhat.com/errata/RHSA-2018:2924 | Third Party Advisory | |
| cret@cert.org | https://access.redhat.com/errata/RHSA-2018:2925 | Third Party Advisory | |
| cret@cert.org | https://access.redhat.com/errata/RHSA-2018:2933 | Third Party Advisory | |
| cret@cert.org | https://access.redhat.com/errata/RHSA-2018:2948 | Third Party Advisory | |
| cret@cert.org | https://access.redhat.com/errata/RHSA-2018:3083 | Third Party Advisory | |
| cret@cert.org | https://access.redhat.com/errata/RHSA-2018:3096 | Third Party Advisory | |
| cret@cert.org | https://access.redhat.com/errata/RHSA-2018:3459 | Third Party Advisory | |
| cret@cert.org | https://access.redhat.com/errata/RHSA-2018:3540 | Third Party Advisory | |
| cret@cert.org | https://access.redhat.com/errata/RHSA-2018:3586 | Third Party Advisory | |
| cret@cert.org | https://access.redhat.com/errata/RHSA-2018:3590 | Third Party Advisory | |
| cret@cert.org | https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf | Third Party Advisory | |
| cret@cert.org | https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f | Patch, Vendor Advisory | |
| cret@cert.org | https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html | Mailing List, Mitigation, Third Party Advisory | |
| cret@cert.org | https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html | Mailing List, Third Party Advisory | |
| cret@cert.org | https://security.netapp.com/advisory/ntap-20181003-0002/ | Third Party Advisory | |
| cret@cert.org | https://support.f5.com/csp/article/K74374841?utm_source=f5support&%3Butm_medium=RSS | ||
| cret@cert.org | https://usn.ubuntu.com/3740-1/ | Third Party Advisory | |
| cret@cert.org | https://usn.ubuntu.com/3740-2/ | Third Party Advisory | |
| cret@cert.org | https://usn.ubuntu.com/3741-1/ | Third Party Advisory | |
| cret@cert.org | https://usn.ubuntu.com/3741-2/ | Third Party Advisory | |
| cret@cert.org | https://usn.ubuntu.com/3742-1/ | Third Party Advisory | |
| cret@cert.org | https://usn.ubuntu.com/3742-2/ | Third Party Advisory | |
| cret@cert.org | https://www.debian.org/security/2018/dsa-4272 | Mitigation, Third Party Advisory | |
| cret@cert.org | https://www.kb.cert.org/vuls/id/641765 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2019/06/28/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2019/07/06/3 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2019/07/06/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105108 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041476 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041637 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:2785 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:2791 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:2846 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:2924 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:2925 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:2933 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:2948 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3083 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3096 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3459 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3540 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3586 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3590 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html | Mailing List, Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20181003-0002/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K74374841?utm_source=f5support&%3Butm_medium=RSS | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3740-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3740-2/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3741-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3741-2/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3742-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3742-2/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2018/dsa-4272 | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/641765 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 6.4 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_aus | 6.6 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_aus | 7.3 | |
| redhat | enterprise_linux_server_aus | 7.4 | |
| redhat | enterprise_linux_server_eus | 6.7 | |
| redhat | enterprise_linux_server_eus | 7.3 | |
| redhat | enterprise_linux_server_eus | 7.4 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_tus | 6.6 | |
| redhat | enterprise_linux_server_tus | 7.2 | |
| redhat | enterprise_linux_server_tus | 7.3 | |
| redhat | enterprise_linux_server_tus | 7.4 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| microsoft | windows_10 | - | |
| microsoft | windows_10 | 1607 | |
| microsoft | windows_10 | 1703 | |
| microsoft | windows_10 | 1709 | |
| microsoft | windows_10 | 1803 | |
| microsoft | windows_7 | - | |
| microsoft | windows_8.1 | - | |
| microsoft | windows_rt_8.1 | - | |
| microsoft | windows_server_2008 | - | |
| microsoft | windows_server_2008 | r2 | |
| microsoft | windows_server_2008 | r2 | |
| microsoft | windows_server_2012 | - | |
| microsoft | windows_server_2012 | r2 | |
| microsoft | windows_server_2016 | - | |
| microsoft | windows_server_2016 | 1709 | |
| microsoft | windows_server_2016 | 1803 | |
| f5 | big-ip_access_policy_manager | * | |
| f5 | big-ip_access_policy_manager | * | |
| f5 | big-ip_access_policy_manager | * | |
| f5 | big-ip_access_policy_manager | * | |
| f5 | big-ip_access_policy_manager | * | |
| f5 | big-ip_advanced_firewall_manager | * | |
| f5 | big-ip_advanced_firewall_manager | * | |
| f5 | big-ip_advanced_firewall_manager | * | |
| f5 | big-ip_advanced_firewall_manager | * | |
| f5 | big-ip_advanced_firewall_manager | * | |
| f5 | big-ip_analytics | * | |
| f5 | big-ip_analytics | * | |
| f5 | big-ip_analytics | * | |
| f5 | big-ip_analytics | * | |
| f5 | big-ip_analytics | * | |
| f5 | big-ip_application_acceleration_manager | * | |
| f5 | big-ip_application_acceleration_manager | * | |
| f5 | big-ip_application_acceleration_manager | * | |
| f5 | big-ip_application_acceleration_manager | * | |
| f5 | big-ip_application_acceleration_manager | * | |
| f5 | big-ip_application_security_manager | * | |
| f5 | big-ip_application_security_manager | * | |
| f5 | big-ip_application_security_manager | * | |
| f5 | big-ip_application_security_manager | * | |
| f5 | big-ip_application_security_manager | * | |
| f5 | big-ip_domain_name_system | * | |
| f5 | big-ip_domain_name_system | * | |
| f5 | big-ip_domain_name_system | * | |
| f5 | big-ip_domain_name_system | * | |
| f5 | big-ip_domain_name_system | * | |
| f5 | big-ip_edge_gateway | * | |
| f5 | big-ip_edge_gateway | * | |
| f5 | big-ip_edge_gateway | * | |
| f5 | big-ip_edge_gateway | * | |
| f5 | big-ip_edge_gateway | * | |
| f5 | big-ip_fraud_protection_service | * | |
| f5 | big-ip_fraud_protection_service | * | |
| f5 | big-ip_fraud_protection_service | * | |
| f5 | big-ip_fraud_protection_service | * | |
| f5 | big-ip_fraud_protection_service | * | |
| f5 | big-ip_global_traffic_manager | * | |
| f5 | big-ip_global_traffic_manager | * | |
| f5 | big-ip_global_traffic_manager | * | |
| f5 | big-ip_global_traffic_manager | * | |
| f5 | big-ip_global_traffic_manager | * | |
| f5 | big-ip_link_controller | * | |
| f5 | big-ip_link_controller | * | |
| f5 | big-ip_link_controller | * | |
| f5 | big-ip_link_controller | * | |
| f5 | big-ip_link_controller | * | |
| f5 | big-ip_local_traffic_manager | * | |
| f5 | big-ip_local_traffic_manager | * | |
| f5 | big-ip_local_traffic_manager | * | |
| f5 | big-ip_local_traffic_manager | * | |
| f5 | big-ip_local_traffic_manager | * | |
| f5 | big-ip_policy_enforcement_manager | * | |
| f5 | big-ip_policy_enforcement_manager | * | |
| f5 | big-ip_policy_enforcement_manager | * | |
| f5 | big-ip_policy_enforcement_manager | * | |
| f5 | big-ip_policy_enforcement_manager | * | |
| f5 | big-ip_webaccelerator | * | |
| f5 | big-ip_webaccelerator | * | |
| f5 | big-ip_webaccelerator | * | |
| f5 | big-ip_webaccelerator | * | |
| f5 | big-ip_webaccelerator | * | |
| siemens | ruggedcom_rm1224_firmware | * | |
| siemens | ruggedcom_rm1224 | - | |
| siemens | ruggedcom_rox_ii_firmware | * | |
| siemens | ruggedcom_rox_ii | - | |
| siemens | scalance_m-800_firmware | * | |
| siemens | scalance_m-800 | - | |
| siemens | scalance_s615_firmware | * | |
| siemens | scalance_s615 | - | |
| siemens | scalance_sc-600_firmware | * | |
| siemens | scalance_sc-600 | - | |
| siemens | scalance_w1700_ieee_802.11ac_firmware | * | |
| siemens | scalance_w1700_ieee_802.11ac | - | |
| siemens | scalance_w700_ieee_802.11a\/b\/g\/n_firmware | * | |
| siemens | scalance_w700_ieee_802.11a\/b\/g\/n | - | |
| siemens | simatic_net_cp_1242-7_firmware | * | |
| siemens | simatic_net_cp_1242-7 | - | |
| siemens | simatic_net_cp_1243-1_firmware | * | |
| siemens | simatic_net_cp_1243-1 | - | |
| siemens | simatic_net_cp_1243-7_lte_eu_firmware | * | |
| siemens | simatic_net_cp_1243-7_lte_eu | - | |
| siemens | simatic_net_cp_1243-7_lte_us_firmware | * | |
| siemens | simatic_net_cp_1243-7_lte_us | - | |
| siemens | simatic_net_cp_1243-8_irc_firmware | * | |
| siemens | simatic_net_cp_1243-8_irc | - | |
| siemens | simatic_net_cp_1542sp-1_firmware | * | |
| siemens | simatic_net_cp_1542sp-1 | - | |
| siemens | simatic_net_cp_1542sp-1_irc_firmware | * | |
| siemens | simatic_net_cp_1542sp-1_irc | - | |
| siemens | simatic_net_cp_1543-1_firmware | * | |
| siemens | simatic_net_cp_1543-1 | - | |
| siemens | simatic_net_cp_1543sp-1_firmware | * | |
| siemens | simatic_net_cp_1543sp-1 | - | |
| siemens | simatic_rf185c_firmware | * | |
| siemens | simatic_rf185c | - | |
| siemens | simatic_rf186c_firmware | * | |
| siemens | simatic_rf186c | - | |
| siemens | simatic_rf186ci_firmware | * | |
| siemens | simatic_rf186ci | - | |
| siemens | simatic_rf188_firmware | * | |
| siemens | simatic_rf188 | - | |
| siemens | simatic_rf188ci_firmware | * | |
| siemens | simatic_rf188ci | - | |
| siemens | sinema_remote_connect_server_firmware | * | |
| siemens | sinema_remote_connect_server | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "686948B0-67CE-46FB-87DF-D4A796614CF8",
"versionEndIncluding": "4.18",
"versionStartIncluding": "3.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "16E6D998-B41D-4B49-9E00-8336D2E40A4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6C81647C-9A53-481D-A54C-36770A093F90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "13E02156-E748-4820-B76F-7074793837E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
"matchCriteriaId": "AEE2E768-0F45-46E1-B6D7-087917109D98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
"matchCriteriaId": "83B14968-3985-43C3-ACE5-8307196EFAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB85C75-4D35-480E-843D-60579EC75FCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:itanium:*:*",
"matchCriteriaId": "1BC405FE-D553-4F6E-A524-E0535B21BEBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*",
"matchCriteriaId": "5B454BFE-D3AB-4CDC-B79B-F60EA3F57DBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
"matchCriteriaId": "CAACE735-003E-4ACB-A82E-C0CF97D7F013",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "627558CA-2606-4497-A232-0522D1CC8239",
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9264B296-3445-4B9F-927D-7865BF3D8AF6",
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F7CF1E3-B1DA-4920-A37B-522CBA915535",
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58C8E163-2A45-4C64-A7C2-5686C1EB3C78",
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "471EEDFE-F399-4DA4-A229-F35570514346",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72900780-80F2-470C-AED6-92736CC5EFC7",
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE43D60-C369-4806-B10A-97B02D715DFD",
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EDF69DE-310C-4C01-AA98-5EFB76C4E639",
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E17D443D-9E5D-4F41-A539-6D7842B21E25",
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB7CEBE-7EB5-48BD-89F5-DE3B20C0946A",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D76F8CD6-1E23-4CB1-BE04-2F74E660120F",
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6925A921-F946-4746-AE60-18919E44DAE2",
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59C1988C-A886-4040-A640-81C8E6732813",
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA8C03D-3661-446D-B502-BEB52B7B6305",
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0239DD74-6914-4B1C-9DA4-8D8D799A9B58",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86641EEE-52C4-4A09-9D0C-CC3254CFC256",
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F65BFF-8F85-487E-850A-DFF8DA9D8F59",
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E12292F-25C7-48CD-A96A-097779B73DEC",
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1503B2F8-3549-4E52-87E9-6F0FD91F1428",
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D36C6B19-D8ED-4E32-AEA1-D045F3B922DC",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D20BE1-7450-45AB-8A36-5AA1A84C3B54",
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3FFD367-E47B-4491-9364-1BA3FA481964",
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65A931C9-4301-49E2-B3C8-235862664E36",
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8BA9BE0-1646-41EF-BCE2-7BD4021196C5",
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AAA2418-D5A0-44D9-B4C7-D55553D374C1",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "068DD700-87D5-4979-A000-84A4D630F653",
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB505ABB-7752-4590-9E8A-C5EAC190B349",
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F46B8BF4-6DB9-48C1-8CB6-1FE0DE5B08C7",
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7B34FC0-168E-4CA8-B1F4-BDC0D2213280",
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F10D272B-F8F8-4D67-B562-3B2AC9F30E52",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71BBF6B3-6F7E-468C-9723-4C13049259D0",
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F13E6EC1-5BC4-4A17-928A-667DA7A93EBD",
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F1C894-A475-457E-9AD9-934151E76200",
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "678B7FC3-6796-4159-BF2B-8FAD49E0F566",
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBCF9B1E-E4DF-46FE-BB85-E51657595936",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98117B55-838B-47C5-84AE-8F84357F1BAE",
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "670C542A-63F1-4FC2-B215-ADE94FCF3512",
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F104C6F4-47BB-416D-AB73-BBEA8A1BAE4B",
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E47FF6-A851-4588-9F39-B292D4147AE6",
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A8809FF-F8DF-48E8-9885-CD0C2AD79024",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0972BE5-3E14-4BB3-A635-C346FA49AA85",
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBDBCC20-D7F8-4125-862F-E5596302DC90",
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7FFD156-606F-40DC-90D0-60B3DB5E3D90",
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D960933D-9476-4473-A3FB-0032C051BE50",
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3092DC8B-088E-45D2-BF0E-2E99C5395431",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1383A6A-60CF-4C10-9CFB-7B4FAEBEA3E6",
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29D81E70-82D9-4FE8-B0D0-214149C30CF0",
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C126233-AEE0-4E51-A738-CB6D098C4478",
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44D33B41-F19D-4B46-9F9E-FC03051EBB0C",
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D72DB2-91EA-4DBB-A68F-DC5127930755",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6065C3C1-1C16-48A5-B879-0F2A4B757D66",
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4BB3A6AE-0CE4-4A5D-AFA6-6AC0AE49B616",
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B330C1A9-F937-4DE5-B111-46970DA853C2",
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63529AEA-8B74-4CA1-BADF-14514D243DC5",
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B00FFF-D49D-4C1C-9416-F6E95049945C",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54E61F23-BDD2-4938-AE39-D95C03B471B6",
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7BBC3D4-9B4E-4185-B327-8902DDFD4234",
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C497F2ED-D143-4207-BCDA-68C3DB856529",
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE65180C-47C8-41CF-B6C7-181259605B2C",
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD3A8B31-C29E-4F5C-A95E-DB3F88E83A6D",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40B3C644-1703-4599-9021-F2C919B11AEC",
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D518DD68-B336-43A8-883C-1CE7B9BB5B0F",
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF432A4-76B4-4D32-B864-60F30568CABF",
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54E703A5-F9F1-4DDA-8B70-D3C6F51038B6",
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB13A0E-C1C4-403C-9990-AB7729F9585D",
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "755BF920-21B8-4D5C-AFF3-5566A0FF9FE4",
"versionEndExcluding": "6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*",
"matchCriteriaId": "284DF779-D900-48B4-A177-7281CD445AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB10E02-C5CA-42AC-AD48-72CE508CD627",
"versionEndExcluding": "2.13.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rox_ii:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA04F52-40D0-4A4B-9767-265A26EFD98D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E409347-918D-4C13-AC0D-B76867A78786",
"versionEndExcluding": "6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB9921A-5204-40A3-88AB-B7755F5C6875",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7DB470D9-102A-429B-81C2-F9C28ABB627F",
"versionEndExcluding": "6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_sc-600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCBF7633-A3E7-4CEF-AC2A-085AF303FF27",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_sc-600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "725C671B-D7A0-48CF-8A31-5F9C4173F1DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w1700_ieee_802.11ac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AF4337-C610-4E5B-9F6E-E0AE059E9D2E",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w1700_ieee_802.11ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55CA7B83-9295-451A-9B78-832761A6BA79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w700_ieee_802.11a\\/b\\/g\\/n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C4A8F09-A7B9-4569-A3AE-F3572CBD9AA5",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w700_ieee_802.11a\\/b\\/g\\/n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEAC9491-87D0-480B-B49A-4EC5D2A2C802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1242-7_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58AACBFB-F828-4A17-816E-0BCA406B063D",
"versionEndExcluding": "3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1242-7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "122D4621-9DBD-4BB7-8CEF-2E9F69E6F8DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1243-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB9F6B9-7A43-4669-AEB8-30644609C5D9",
"versionEndExcluding": "3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1243-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65278BA0-3C81-4D81-9801-D7BE3A1D7680",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5B6CE8-F314-43C4-A01A-79DA4C71A34F",
"versionEndExcluding": "3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1243-7_lte_eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "555FAB7F-8D8C-46E8-91E2-83AA93A41940",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1243-7_lte_us_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9C1A675-67F8-4A1C-A67F-E081AC647A55",
"versionEndExcluding": "3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1243-7_lte_us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5179046-6D98-46A2-BDB8-2D5EF3C6D46F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "251E49C6-735C-492F-BD26-6994A6BB40BD",
"versionEndExcluding": "3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1243-8_irc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "350FD323-C876-4C7A-A2E7-4B0660C87F6C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47EDF46E-8273-478A-A1F4-3CE781CB5E24",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1542sp-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0602DEEA-AE39-4A44-9D78-6623943DDCD6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52ED214A-EA23-43A7-B7F8-F0017B1063F8",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1542sp-1_irc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1EE2F10-A7A6-486F-AE5C-53AE25BAF200",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "951CDCA7-73BD-4494-9ED9-FD741A01DF93",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1543-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F56C2BDC-928E-491A-8E7C-F976B3787C7A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D103B7-B693-4E35-AF55-9238B6A16E77",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1543sp-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "783B50B8-2FB7-4982-88AA-B4F2AD094796",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31BF3B2C-98D9-455F-BCB4-EEAC7EE84C9A",
"versionEndExcluding": "1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63E0D36E-1DF9-4DB8-B563-EF77D947FA9E",
"versionEndExcluding": "1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E39C5C7A-543C-4271-80EF-C728FFFA50D2",
"versionEndExcluding": "1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34F52786-B328-4066-8F3C-457358E42989",
"versionEndExcluding": "1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91E776EC-16DD-404D-A8AA-2344BA306E3C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "361C68A1-6FDE-47EB-84C5-31AB100E8F30",
"versionEndExcluding": "1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinema_remote_connect_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "284428BD-FF75-4D48-9137-2D64B46B6ED4",
"versionEndExcluding": "2.0.1",
"versionStartIncluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinema_remote_connect_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50360459-773D-4B1C-B28D-02A01BE5A0EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size."
},
{
"lang": "es",
"value": "El kernel de Linux en versiones a partir de la 3.9 es vulnerable a un ataque de denegaci\u00f3n de servicio (DoS) con tasas bajas de paquetes especialmente modificados que apuntan hacia el reensamblado de fragmentos de IP. Un atacante podr\u00eda provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) mediante el env\u00edo de fragmentos de IP especialmente manipulados. Se han descubierto varias vulnerabilidades en la fragmentaci\u00f3n de IP, que se han ido solucionando a lo largo de los a\u00f1os. La vulnerabilidad actual (CVE-2018-5391) se volvi\u00f3 explotable en el kernel de Linux con el aumento del tama\u00f1o de la cola de reensamblado de fragmentos de IP."
}
],
"id": "CVE-2018-5391",
"lastModified": "2024-11-21T04:08:43.897",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-06T21:29:00.363",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Broken Link"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105108"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041476"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041637"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2785"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2791"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2846"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2924"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2925"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2933"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3083"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3096"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3459"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3540"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3586"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3590"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Mitigation",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181003-0002/"
},
{
"source": "cret@cert.org",
"url": "https://support.f5.com/csp/article/K74374841?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3740-1/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3740-2/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3741-1/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3741-2/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3742-1/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3742-2/"
},
{
"source": "cret@cert.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4272"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/641765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2925"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2933"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3540"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3586"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3590"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Mitigation",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181003-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.f5.com/csp/article/K74374841?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3740-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3740-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3741-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3741-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3742-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3742-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/641765"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-17 14:29
Modified
2024-11-21 04:46
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The webserver of the affected devices contains a vulnerability that may lead to
a denial of service condition. An attacker may cause a denial of service
situation which leads to a restart of the webserver of the affected device.
The security vulnerability could be exploited by an attacker with network
access to the affected systems. Successful exploitation requires no system
privileges and no user interaction. An attacker could use the vulnerability
to compromise availability of the device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf | Vendor Advisory | |
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | cp1604_firmware | * | |
| siemens | cp1604 | - | |
| siemens | cp1616_firmware | * | |
| siemens | cp1616 | - | |
| siemens | simatic_rf185c_firmware | * | |
| siemens | simatic_rf185c | - | |
| siemens | simatic_cp343-1_advanced_firmware | * | |
| siemens | simatic_cp343-1_advanced | - | |
| siemens | simatic_cp443-1_firmware | * | |
| siemens | simatic_cp443-1 | - | |
| siemens | simatic_cp443-1_advanced_firmware | * | |
| siemens | simatic_cp443-1_advanced | - | |
| siemens | simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware | * | |
| siemens | simatic_et_200_sp_open_controller_cpu_1515sp_pc | - | |
| siemens | simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware | * | |
| siemens | simatic_et_200_sp_open_controller_cpu_1515sp_pc2 | - | |
| siemens | simatic_hmi_comfort_outdoor_panels_firmware | * | |
| siemens | simatic_hmi_comfort_outdoor_panels_firmware | 15.1 | |
| siemens | simatic_hmi_comfort_outdoor_panels | - | |
| siemens | simatic_hmi_comfort_panels_firmware | * | |
| siemens | simatic_hmi_comfort_panels_firmware | 15.1 | |
| siemens | simatic_hmi_comfort_panels | - | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp400f_firmware | * | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp400f_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp400f | - | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700_firmware | * | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700 | - | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700f_firmware | * | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700f_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp700f | - | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900_firmware | * | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900 | - | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900f_firmware | * | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900f_firmware | 15.1 | |
| siemens | simatic_hmi_ktp_mobile_panels_ktp900f | - | |
| siemens | simatic_cp443-1_opc_ua | * | |
| siemens | simatic_ipc_diagmonitor | * | |
| siemens | simatic_s7-1500_software_controller | * | |
| siemens | simatic_s7-plcsim_advanced | * | |
| siemens | simatic_s7-plcsim_advanced | 2.0 | |
| siemens | simatic_s7-plcsim_advanced | 2.0 | |
| siemens | simatic_wincc_runtime_advanced | * | |
| siemens | simatic_wincc_runtime_advanced | 15.1 | |
| siemens | simatic_wincc_runtime_advanced | 15.1 | |
| siemens | simatic_wincc_runtime_advanced | 15.1 | |
| siemens | simatic_wincc_runtime_advanced | 15.1 | |
| siemens | sitop_manager | * | |
| siemens | simatic_rf600r_firmware | * | |
| siemens | simatic_rf600r | - | |
| siemens | simatic_rf188c_firmware | * | |
| siemens | simatic_rf188c | - | |
| siemens | simatic_rf186c_firmware | * | |
| siemens | simatic_rf186c | - | |
| siemens | simatic_rf182c_firmware | * | |
| siemens | simatic_rf182c | - | |
| siemens | simatic_rf181-eip_firmware | * | |
| siemens | simatic_rf181-eip | - | |
| siemens | simatic_s7-1500_firmware | * | |
| siemens | simatic_s7-1500 | - | |
| siemens | simatic_s7-300_firmware | * | |
| siemens | simatic_s7-300 | - | |
| siemens | simatic_s7-400_pn_firmware | * | |
| siemens | simatic_s7-400_pn | - | |
| siemens | simatic_s7-400_pn\/dp_firmware | * | |
| siemens | simatic_s7-400_pn\/dp | - | |
| siemens | simatic_teleservice_adapter_ie_advanced_firmware | * | |
| siemens | simatic_teleservice_adapter_ie_advanced | - | |
| siemens | simatic_teleservice_adapter_ie_basic_firmware | * | |
| siemens | simatic_teleservice_adapter_ie_basic | - | |
| siemens | simatic_teleservice_adapter_ie_standard_firmware | * | |
| siemens | simatic_teleservice_adapter_ie_standard | - | |
| siemens | simatic_winac_rtx_firmware | * | |
| siemens | simatic_winac_rtx_firmware | 2010 | |
| siemens | simatic_winac_rtx | - | |
| siemens | simocode_pro_v_eip_firmware | * | |
| siemens | simocode_pro_v_eip | - | |
| siemens | simocode_pro_v_pn_firmware | * | |
| siemens | simocode_pro_v_pn | - | |
| siemens | sinamics_g130_firmware | * | |
| siemens | sinamics_g130 | - | |
| siemens | sinamics_g150_firmware | * | |
| siemens | sinamics_g150 | - | |
| siemens | sinamics_s120_firmware | * | |
| siemens | sinamics_s120 | - | |
| siemens | sinamics_s150_firmware | * | |
| siemens | sinamics_s150_firmware | 5.1 | |
| siemens | sinamics_s150_firmware | 5.1 | |
| siemens | sinamics_s150_firmware | 5.1 | |
| siemens | sinamics_s150 | - | |
| siemens | sinamics_s210_firmware | * | |
| siemens | sinamics_s210_firmware | 5.1 | |
| siemens | sinamics_s210_firmware | 5.1 | |
| siemens | sinamics_s210 | - | |
| siemens | sitop_psu8600_firmware | * | |
| siemens | sitop_psu8600 | - | |
| siemens | sitop_ups1600_firmware | * | |
| siemens | sitop_ups1600 | - | |
| siemens | tim_1531_irc_firmware | * | |
| siemens | tim_1531_irc | - | |
| siemens | simatic_s7-1500f_firmware | * | |
| siemens | simatic_s7-1500f | - | |
| siemens | simatic_s7-1500s_firmware | * | |
| siemens | simatic_s7-1500s | - | |
| siemens | simatic_s7-1500t_firmware | * | |
| siemens | simatic_s7-1500t | - | |
| siemens | sinamics_gh150_firmware | * | |
| siemens | sinamics_gh150_firmware | 4.8 | |
| siemens | sinamics_gh150 | - | |
| siemens | sinamics_gl150_firmware | * | |
| siemens | sinamics_gl150_firmware | 4.8 | |
| siemens | sinamics_gl150 | - | |
| siemens | sinamics_gm150_firmware | * | |
| siemens | sinamics_gm150_firmware | 4.8 | |
| siemens | sinamics_gm150 | - | |
| siemens | sinamics_sl150_firmware | * | |
| siemens | sinamics_sl150_firmware | 4.8 | |
| siemens | sinamics_sl150 | - | |
| siemens | sinamics_sm120_firmware | * | |
| siemens | sinamics_sm120_firmware | 4.8 | |
| siemens | sinamics_sm120 | - | |
| siemens | sinamics_sm150_firmware | * | |
| siemens | sinamics_sm150_firmware | 5.1 | |
| siemens | sinamics_sm150 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:cp1604_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E737620D-9D00-4151-B232-7DFB7FD768B3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:cp1604:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6222006F-09D7-49F7-B8C7-4D94298A8F6A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:cp1616_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65FE6F54-1457-4EB6-9273-1D93B3B97386",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:cp1616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "184365A2-BAD2-4926-ACEE-F71E018D3CE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69EE2BF6-3846-478F-9AC6-BEF34617F3B5",
"versionEndExcluding": "1.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_cp343-1_advanced_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E6601B8-E032-4B39-BF65-F25CF047EB99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_cp343-1_advanced:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ACCC0229-E454-4BEF-931A-3CD820500822",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_cp443-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2035A020-F41E-4FC7-A290-9923574D4921",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_cp443-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB8636E9-A3DA-4DDC-A3FC-B3EAAD07952E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_cp443-1_advanced_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD15638-8B84-4DA2-9DDC-9A1CA3548E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_cp443-1_advanced:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE94F56-71DB-4837-9818-6827C80DE2BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1873751-81F4-4732-B30F-9F2DEECBC110",
"versionEndExcluding": "2.1.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9A5678E-9EAA-441A-AC77-94F824D64AEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F36AC571-C958-4CB8-91D9-5417C1812C02",
"versionEndExcluding": "2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00361A3C-60E9-4365-BB51-09D7792C441D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7299F88D-8885-4871-93E1-CBEFD3156B15",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "F18EA7BD-47D0-4367-8F18-C89239B201E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4830E0D-0128-4E5B-AB81-2B238471AE4B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "865FD012-F390-4BB8-B14F-533840B95512",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "5418D916-49A6-4B79-A653-E2C5221DEBE8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCFE761-35C9-43EF-85BC-E8083B9F75CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_cp443-1_opc_ua:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56396833-12BF-4AE5-8D3E-695652A99DBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_ipc_diagmonitor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FD49A39-47D7-473C-9E46-6D9246BC6D04",
"versionEndExcluding": "5.1.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_s7-1500_software_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11C0A94D-5506-4A75-99E1-CA9769AF057C",
"versionEndExcluding": "2.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B66A2A4-5062-45F8-A615-2DA716650909",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "AED3A3AF-EF77-4E58-91AD-BBE01E1DA4A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:2.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "23039930-E45C-4B0E-883A-E2F9A7502984",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
"matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
"matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
"matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sitop_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2662688E-6975-46C7-939B-25FF4790518D",
"versionEndExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf600r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16CBED3D-892A-4EC0-BE2E-358040C34304",
"versionEndExcluding": "3.2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf600r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA55275-691D-4269-93E4-C559C89E3FA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25F96DAA-696D-4EB4-97DF-986C7681700B",
"versionEndExcluding": "1.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8FFD1C-8E33-48E9-A884-B80311F8BA4C",
"versionEndExcluding": "1.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf182c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FC4F972-3A3B-421C-8D62-9C5C4D1992CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf182c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7540DAD9-2AAC-46A9-B1C5-BB1AC4FCE710",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf181-eip_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA94867-4367-4186-8A4B-44C3CBCCEF7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf181-eip:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E10A0D57-8805-44DB-95E3-1B240ED5ED09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AE766CD-695B-4A12-8BC5-3743D8E3D73E",
"versionEndExcluding": "2.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30DDEA9B-E1BF-4572-8E12-D13C54603E77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9461CADE-1624-4D1B-8CF2-CF65F75071C0",
"versionEndExcluding": "3.3.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EFD4E99-5C66-443F-8B6F-FA01C895DE78",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-400_pn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A2219FE-2C3F-4948-85D6-3C53AC08722B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-400_pn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "795D0FF9-1D0B-4C74-BEF3-58EAE74DFA0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-400_pn\\/dp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC917346-94F6-44FD-AC00-AED0CF3CBBD1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-400_pn\\/dp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F60D816D-85A5-4971-AF2D-666AE0B74E9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_advanced_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8E76BDE-C7E9-4D6B-B5D9-A456516CD016",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_advanced:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71DA3D1A-E435-418F-9A13-945B4BA15FC7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_basic_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80D166A8-1EEC-42F4-8EAB-1747247A7A05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_basic:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFA520B6-5177-43E4-87C0-C215F79FE9B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_standard_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C887573-8BE8-42CF-B35A-22F9311AC627",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_standard:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A5A3F7E-D039-430F-89B0-6AB4FD2428D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_winac_rtx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDBB38-20D2-48C3-8B58-62C2D8CC00B8",
"versionEndExcluding": "2010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_winac_rtx_firmware:2010:-:*:*:*:*:*:*",
"matchCriteriaId": "EA59D713-F342-4CDA-BDC8-108352D385DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_winac_rtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA5ADAB0-3985-4933-8CDD-D1546D8271CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simocode_pro_v_eip_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A001968-C7FD-4C11-8439-11532B234CC2",
"versionEndExcluding": "1.1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simocode_pro_v_eip:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50BDA360-0D33-42DC-ADB9-2F69503C2CD8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simocode_pro_v_pn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15CB26DA-7CA0-4BD6-A219-01F6E8A6F03F",
"versionEndExcluding": "2.1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simocode_pro_v_pn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1779AE78-AC90-48BE-8FF2-CC11E7CA3CB4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_g130_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "856768D2-C096-4CA7-B26F-E94B005C0D79",
"versionEndExcluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_g130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "373DBE44-AC28-4D04-93BB-35CD8C60E899",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_g150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C579C2C7-0402-46B2-A770-C3B7F71D1096",
"versionEndExcluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_g150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2296CA65-0E89-4BCB-8003-E7212BF1F585",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03F9CBC3-B2B3-4FA7-963D-A8F3AE6D8EA0",
"versionEndExcluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A824BD-935F-4E53-8313-C5544B0489C7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_s150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "126AC93E-A39F-4754-9707-207C9F2F64F4",
"versionEndExcluding": "5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s150_firmware:5.1:-:*:*:*:*:*:*",
"matchCriteriaId": "3E8BCCED-BDC6-4785-8705-799836E5024E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s150_firmware:5.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "098262CC-4D3B-4E55-83C3-2816403C553B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s150_firmware:5.1:sp1_hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "6092F899-9A89-4FA4-BD80-97511DF7CF8F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_s150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D48682C-A39D-4A09-B904-50FA64A9D2A5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7269713-6505-41DF-B85B-F729E24A3F5B",
"versionEndExcluding": "5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BEBF14B3-65A0-41E9-B99C-D88548F307CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "F151297C-3097-483F-98B5-0261BD547421",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_s210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BFA8FB3-12A9-4D2E-BCFD-C66313521C80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sitop_psu8600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F389808-001E-4650-86B2-00A72D25BCD0",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sitop_psu8600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55058209-8AE5-42AF-80D4-5A7A44307266",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sitop_ups1600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD39CC96-ABE3-4854-A102-36AFE1F6CB14",
"versionEndExcluding": "2.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sitop_ups1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC1A64E-6A27-4F91-8A13-829E0F7D8E80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:tim_1531_irc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B023E75A-B76D-4FD8-9660-1F233092160F",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1D94BEB-BBFB-4258-9835-87DBBB999239",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9C47A4A-BE81-499A-AB36-491661B88693",
"versionEndExcluding": "2.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A255BC06-2776-4111-A525-76B17371B295",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66A446D2-39ED-4635-AAA0-85D977F600FE",
"versionEndExcluding": "2.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1752A2A-0034-4E00-AAC6-FA15345D7A41",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5238622A-BCAD-4A06-9920-49BECFDDC2A6",
"versionEndExcluding": "2.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "741B2C38-174C-49DF-98D8-F7D6F49D1CE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E231DE7-8B8D-41A3-A163-CE8EF50AF9D0",
"versionEndExcluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:4.8:-:*:*:*:*:*:*",
"matchCriteriaId": "6D076504-AFE3-4C51-80E5-C5992CA7D511",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF977545-395A-4C34-BB22-A1047B5B6E85",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3653DA37-DB23-41E0-8CE8-838E384AA40A",
"versionEndExcluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:4.8:-:*:*:*:*:*:*",
"matchCriteriaId": "0F86A334-10F9-4DFB-A421-CBCAFD86C8C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DED7F33B-D475-4232-8683-48554A6729F7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E25804D-D943-4C2A-9C78-AAC61F7BA4FF",
"versionEndExcluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:4.8:-:*:*:*:*:*:*",
"matchCriteriaId": "06B69CD4-3AEC-4014-81DB-33805A44A5D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD76CFB0-B5D7-40DC-8D14-FC9C9BACF3CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD67D30A-8681-41AE-B248-7E50BA1B9FC8",
"versionEndExcluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:4.8:-:*:*:*:*:*:*",
"matchCriteriaId": "FCC0EE8B-1088-46B6-992A-B8E12A7B7DC2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6619B0F-7CDC-40A6-89B2-C6067AF45214",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31393A1B-4DBC-476D-875E-463B4B887E1B",
"versionEndExcluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:4.8:-:*:*:*:*:*:*",
"matchCriteriaId": "0206F9F2-27C7-4D2F-817B-13F8FA31E547",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "444DD77F-DB65-4766-A89D-7A679B4CA1E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC70D596-AA1E-4196-87B0-BECEE6568AA7",
"versionEndExcluding": "5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:5.1:-:*:*:*:*:*:*",
"matchCriteriaId": "1E81CDB5-122F-48D1-B9F1-4C401D46D978",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2AE231E2-2B2B-407A-BF7A-9EA35F394229",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The webserver of the affected devices contains a vulnerability that may lead to\r\na denial of service condition. An attacker may cause a denial of service\r\nsituation which leads to a restart of the webserver of the affected device.\r\n\r\nThe security vulnerability could be exploited by an attacker with network\r\naccess to the affected systems. Successful exploitation requires no system\r\nprivileges and no user interaction. An attacker could use the vulnerability\r\nto compromise availability of the device."
},
{
"lang": "es",
"value": "SIPLUS), paneles exteriores SIMATIC HMI Comfort de 7\" y 15\" (incl. variantes SIPLUS), paneles SIMATIC HMI Comfort de 4\" - 22\" (incl. variantes SIPLUS), paneles SIMATIC ET 200SP Open Controller CPU 1515SP PC SIPLUS), paneles m\u00f3viles SIMATIC HMI KTP KTP400F, KTP700, KTP700F, KTP900 y KTP900F, SIMATIC IPC DiagMonitor, SIMATIC RF182C, SIMATIC RF185C, SIMATIC RF186C, SIMATIC RF188C, familia SIMATIC RF600R, familia de CPUs SIMATIC S7-1500 (incl. CPUs ET200 y variantes SIPLUS), controlador de software SIMATIC S7-1500, familia de CPUs SIMATIC S7-300 (incluidas las CPUs ET200 y variantes SIPLUS), familia de CPUs SIMATIC S7-400 PN/DP V6 e inferiores (incluidas las variantes SIPLUS), familia de CPUs SIMATIC S7-400 PN/DP V7 (incluidas las variantes SIPLUS) SIPLUS), SIMATIC S7-PLCSIM Advanced, SIMATIC Teleservice Adapter IE Advanced, SIMATIC Teleservice Adapter IE Basic, SIMATIC Teleservice Adapter IE Standard, SIMATIC WinAC RTX (F) 2010, SIMATIC WinCC Runtime Advanced, SIMOCODE pro V EIP (incl. SIPLUS), SIMOCODE pro V PN (incl. variantes SIPLUS), SINAMICS G130 V4.6 Control Unit, SINAMICS G130 V4.7 Control Unit, SINAMICS G130 V4.7 SP1 Control Unit, SINAMICS G130 V4.8 Control Unit, SINAMICS G130 V5.1 Control Unit, SINAMICS G130 V5. 1 SP1 Unidad de control, SINAMICS G150 V4.6 Unidad de control, SINAMICS G150 V4.7 Unidad de control, SINAMICS G150 V4.7 SP1 Unidad de control, SINAMICS G150 V4.8 Unidad de control, SINAMICS G150 V5. 1 Unidad de control, SINAMICS G150 V5.1 SP1 Unidad de control, SINAMICS GH150 V4.7 (Unidad de control), SINAMICS GH150 V4.8 (Unidad de control), SINAMICS GL150 V4.7 (Unidad de control), SINAMICS GL150 V4. 8 (Unidad de control), SINAMICS GM150 V4.7 (Unidad de control), SINAMICS GM150 V4.8 (Unidad de control), SINAMICS S120 V4.6 Unidad de control (incl. variantes SIPLUS), SINAMICS S120 V4.7 Unidad de control (incl. variantes SIPLUS) SIPLUS), SINAMICS S120 V4.7 SP1 (incl. variantes SIPLUS), SINAMICS S120 V4.8 (incl. variantes SIPLUS), SINAMICS S120 V5.1 (incl. variantes SIPLUS) SIPLUS), SINAMICS S120 V5.1 SP1 Unidad de Control (incl. variantes SIPLUS), SINAMICS S150 V4.6 Unidad de Control, SINAMICS S150 V4.7 Unidad de Control, SINAMICS S150 V4.7 SP1 Unidad de Control, SINAMICS S150 V4. 8 Unidad de control, SINAMICS S150 V5.1 Unidad de control, SINAMICS S150 V5.1 SP1 Unidad de control, SINAMICS S210 V5.1 Unidad de control, SINAMICS S210 V5.1 SP1 Unidad de control, SINAMICS SL150 V4. 7 (Unidad de Control), SINAMICS SL150 V4.8 (Unidad de Control), SINAMICS SM120 V4.7 (Unidad de Control), SINAMICS SM120 V4.8 (Unidad de Control), SINAMICS SM150 V4. 8 (unidad de control), SIPLUS NET CP 343-1 Advanced, SIPLUS NET CP 443-1, SIPLUS NET CP 443-1 Advanced, SITOP Manager, SITOP PSU8600, SITOP UPS1600 (incl. variantes SIPLUS), TIM 1531 IRC (incl. variantes SIPLUS NET). El servidor web de los dispositivos afectados contiene una vulnerabilidad que puede conducir a una condici\u00f3n de denegaci\u00f3n de servicio. Un atacante puede provocar una situaci\u00f3n de denegaci\u00f3n de servicio que lleve a reiniciar el servidor web del dispositivo afectado. La vulnerabilidad de seguridad podr\u00eda ser explotada por un atacante con acceso a la red de los sistemas afectados. La explotaci\u00f3n exitosa no requiere privilegios del sistema ni interacci\u00f3n del usuario. Un atacante podr\u00eda utilizar la vulnerabilidad para comprometer la disponibilidad del dispositivo"
}
],
"id": "CVE-2019-6568",
"lastModified": "2024-11-21T04:46:42.773",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
},
"published": "2019-04-17T14:29:03.683",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
},
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-10 10:15
Modified
2024-09-18 15:32
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications do not authenticated the creation of Ajax2App instances. This could allow an unauthenticated attacker to cause a denial of service condition.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-765405.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_rf360r_firmware | * | |
| siemens | simatic_rf360r | - | |
| siemens | simatic_rf1170r_firmware | * | |
| siemens | simatic_rf1170r | - | |
| siemens | simatic_rf1140r_firmware | * | |
| siemens | simatic_rf1140r | - | |
| siemens | simatic_reader_rf685r_fcc_firmware | * | |
| siemens | simatic_reader_rf685r_fcc | - | |
| siemens | simatic_reader_rf685r_etsi_firmware | * | |
| siemens | simatic_reader_rf685r_etsi | - | |
| siemens | simatic_reader_rf685r_cmiit_firmware | * | |
| siemens | simatic_reader_rf685r_cmiit | - | |
| siemens | simatic_reader_rf685r_arib_firmware | * | |
| siemens | simatic_reader_rf685r_arib | - | |
| siemens | simatic_reader_rf680r_fcc_firmware | * | |
| siemens | simatic_reader_rf680r_fcc | - | |
| siemens | simatic_reader_rf680r_etsi_firmware | * | |
| siemens | simatic_reader_rf680r_etsi | - | |
| siemens | simatic_reader_rf680r_cmiit_firmware | * | |
| siemens | simatic_reader_rf680r_cmiit | - | |
| siemens | simatic_reader_rf680r_arib_firmware | * | |
| siemens | simatic_reader_rf680r_arib | - | |
| siemens | simatic_reader_rf650r_fcc_firmware | * | |
| siemens | simatic_reader_rf650r_fcc | - | |
| siemens | simatic_reader_rf650r_etsi_firmware | * | |
| siemens | simatic_reader_rf650r_etsi | - | |
| siemens | simatic_reader_rf650r_cmiit_firmware | * | |
| siemens | simatic_reader_rf650r_cmiit | - | |
| siemens | simatic_reader_rf650r_arib_firmware | * | |
| siemens | simatic_reader_rf650r_arib | - | |
| siemens | simatic_reader_rf615r_fcc_firmware | * | |
| siemens | simatic_reader_rf615r_fcc | - | |
| siemens | simatic_reader_rf615r_etsi_firmware | * | |
| siemens | simatic_reader_rf615r_etsi | - | |
| siemens | simatic_reader_rf615r_cmiit_firmware | * | |
| siemens | simatic_reader_rf615r_cmiit | - | |
| siemens | simatic_reader_rf610r_fcc_firmware | * | |
| siemens | simatic_reader_rf610r_fcc | - | |
| siemens | simatic_reader_rf610r_etsi_firmware | * | |
| siemens | simatic_reader_rf610r_etsi | - | |
| siemens | simatic_reader_rf610r_cmiit_firmware | * | |
| siemens | simatic_reader_rf610r_cmiit | - | |
| siemens | simatic_rf188ci_firmware | * | |
| siemens | simatic_rf188ci | - | |
| siemens | simatic_rf188c_firmware | * | |
| siemens | simatic_rf188c | - | |
| siemens | simatic_rf186ci_firmware | * | |
| siemens | simatic_rf186ci | - | |
| siemens | simatic_rf186c_firmware | * | |
| siemens | simatic_rf186c | - | |
| siemens | simatic_rf185c_firmware | * | |
| siemens | simatic_rf185c | - | |
| siemens | simatic_rf166c_firmware | * | |
| siemens | simatic_rf166c | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8930F2B-7C37-4059-85FC-0316B631C860",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC216594-D56B-454D-BD2C-50631B8C8F9C",
"versionEndExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8AD128-F6E2-45BD-9098-EC559D193194",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11F4F714-F802-4D13-A965-0A22B80DA9D0",
"versionEndExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA20BB5-024E-4389-A0FE-C218E15D31A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F61801B9-80FD-45EC-9A20-5C703CB8BE76",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "058EDB3A-31B8-482F-B825-B0A7E192356E",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC4D21-B225-4349-A8E8-68780CC465D1",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E84B475-1FB7-4BF1-880B-8DB5137BB941",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "970B3705-6172-4C00-B402-30A7F23C5A08",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D261FBC-1E4C-4016-AD0E-F234EE36F09A",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B465BD-D425-44C7-931C-E6DAABB79B67",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28C49CB8-179A-47B7-9B04-FC214382B643",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "896E8488-0AB0-4C39-9729-1E42F4C28419",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E525612D-8273-42FD-8DAD-D589ED61C9D6",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "130361E8-6979-492F-89A3-4EFFF8F5379F",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC98A393-C374-4411-94FE-9832CD8690ED",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5DA457-347E-4B6B-8003-882BD4D95D64",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B07B2FDF-E6A5-4E06-9328-01F311E85AF9",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84F1472B-A584-4712-BEF7-7B4BDE166CE2",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7DB4915-E989-4085-B201-C5CCC86AB924",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B280EE0D-F3F9-46E3-949F-109844428C35",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E86AC831-9FB9-4D17-AA06-E68C176F1A23",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A27B28F-A037-4730-A0DD-96BB568F4A58",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D48EE1B0-3010-44F2-AEF9-A3E35BD03971",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected applications do not authenticated the creation of Ajax2App instances. This could allow an unauthenticated attacker to cause a denial of service condition."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC RF1140R (6GT2831-6CB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF1170R (6GT2831-6BB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF166C (6GT2002-0EE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF185C (6GT2002-0JE10) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186C (6GT2002-0JE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186CI (6GT2002-0JE50) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188C (6GT2002-0JE40) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188CI (6GT2002-0JE60) (Todas las versiones \u0026lt; V2.2), SIMATIC RF360R (6GT2801-5BA30) (Todas las versiones \u0026lt; V2.2). Las aplicaciones afectadas no autentican la creaci\u00f3n de instancias de Ajax2App. Esto podr\u00eda permitir que un atacante no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio."
}
],
"id": "CVE-2024-37993",
"lastModified": "2024-09-18T15:32:26.037",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"automatable": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"confidentialityRequirements": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"subsequentSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"vulnerableSystemAvailability": "LOW",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE"
},
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
},
"published": "2024-09-10T10:15:11.090",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-08 20:15
Modified
2024-11-21 06:05
Severity ?
Summary
A vulnerability has been identified in SIMATIC RF166C (All versions > V1.1 and < V1.3.2), SIMATIC RF185C (All versions > V1.1 and < V1.3.2), SIMATIC RF186C (All versions > V1.1 and < V1.3.2), SIMATIC RF186CI (All versions > V1.1 and < V1.3.2), SIMATIC RF188C (All versions > V1.1 and < V1.3.2), SIMATIC RF188CI (All versions > V1.1 and < V1.3.2), SIMATIC RF360R (All versions < V2.0), SIMATIC Reader RF610R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF610R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF610R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF615R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF615R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF615R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF650R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF650R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF680R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF680R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF685R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF685R FCC (All versions > V3.0 < V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf | Mitigation, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_rf166c_firmware | * | |
| siemens | simatic_rf166c | - | |
| siemens | simatic_rf185c_firmware | * | |
| siemens | simatic_rf185c | - | |
| siemens | simatic_rf186c_firmware | * | |
| siemens | simatic_rf186c | - | |
| siemens | simatic_rf186ci_firmware | * | |
| siemens | simatic_rf186ci | - | |
| siemens | simatic_rf188c_firmware | * | |
| siemens | simatic_rf188c | - | |
| siemens | simatic_rf188ci_firmware | * | |
| siemens | simatic_rf188ci | - | |
| siemens | simatic_rf360r_firmware | * | |
| siemens | simatic_rf360r | - | |
| siemens | simatic_reader_rf610r_cmiit_firmware | * | |
| siemens | simatic_reader_rf610r_cmiit | - | |
| siemens | simatic_reader_rf610r_etsi_firmware | * | |
| siemens | simatic_reader_rf610r_etsi | - | |
| siemens | simatic_reader_rf610r_fcc_firmware | * | |
| siemens | simatic_reader_rf610r_fcc | - | |
| siemens | simatic_reader_rf615r_cmiit_firmware | * | |
| siemens | simatic_reader_rf615r_cmiit | - | |
| siemens | simatic_reader_rf615r_etsi_firmware | * | |
| siemens | simatic_reader_rf615r_etsi | - | |
| siemens | simatic_reader_rf615r_fcc_firmware | * | |
| siemens | simatic_reader_rf615r_fcc | - | |
| siemens | simatic_reader_rf650r_cmiit_firmware | * | |
| siemens | simatic_reader_rf650r_cmiit | - | |
| siemens | simatic_reader_rf650r_etsi_firmware | * | |
| siemens | simatic_reader_rf650r_etsi | - | |
| siemens | simatic_reader_rf650r_fcc_firmware | * | |
| siemens | simatic_reader_rf650r_fcc | - | |
| siemens | simatic_reader_rf650r_arib_firmware | * | |
| siemens | simatic_reader_rf650r_arib | - | |
| siemens | simatic_reader_rf680r_cmiit_firmware | * | |
| siemens | simatic_reader_rf680r_cmiit | - | |
| siemens | simatic_reader_rf680r_etsi_firmware | * | |
| siemens | simatic_reader_rf680r_etsi | - | |
| siemens | simatic_reader_rf680r_fcc_firmware | * | |
| siemens | simatic_reader_rf680r_fcc | - | |
| siemens | simatic_reader_rf680r_arib_firmware | * | |
| siemens | simatic_reader_rf680r_arib | - | |
| siemens | simatic_reader_rf685r_cmiit_firmware | * | |
| siemens | simatic_reader_rf685r_cmiit | - | |
| siemens | simatic_reader_rf685r_etsi_firmware | * | |
| siemens | simatic_reader_rf685r_etsi | - | |
| siemens | simatic_reader_rf685r_fcc_firmware | * | |
| siemens | simatic_reader_rf685r_fcc | - | |
| siemens | simatic_reader_rf685r_arib_firmware | * | |
| siemens | simatic_reader_rf685r_arib | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FAEBD5A-ED36-47C5-8DA5-9845F22EE58D",
"versionEndExcluding": "1.3.2",
"versionStartExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82AED53B-754E-4486-B3C9-334CEAFFA51E",
"versionEndExcluding": "1.3.2",
"versionStartExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "625CC7AD-CC00-4D98-AB84-057EC715CAE0",
"versionEndExcluding": "1.3.2",
"versionStartExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F22922F9-A759-48DC-9474-1AF21B7E1BF1",
"versionEndExcluding": "1.3.2",
"versionStartExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22EF569C-77BB-461B-A306-9939C4A40BD7",
"versionEndExcluding": "1.3.2",
"versionStartExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FFB4E7E-2C7C-42CD-A48B-C4D5AA29F5FB",
"versionEndExcluding": "1.3.2",
"versionStartExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4963ECC-C73C-4E0D-996B-200FA72457AE",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BF403B4-5CF2-400B-A478-ED6793C4B1AC",
"versionEndExcluding": "4.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49053F22-7090-4F95-A22B-43AE63EA0861",
"versionEndExcluding": "4.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C641A539-9150-4ACD-A048-D51B47BBE018",
"versionEndExcluding": "4.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FCB4AEE-63F7-4D51-91B1-004ABA57B8D2",
"versionEndExcluding": "4.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66C94341-A430-4E33-B04F-EC1902CA4931",
"versionEndExcluding": "4.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C72BD0C-B03C-4F53-854F-1075D8169425",
"versionEndExcluding": "4.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF3A61A-E125-4BE1-BC05-0F2144B738FD",
"versionEndExcluding": "4.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61CD6B66-2A64-45A8-A64E-D8377E7C8DE7",
"versionEndExcluding": "4.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52A14F72-1BFF-40F9-A0B4-C5465E041208",
"versionEndExcluding": "4.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85FCC663-C190-4F0A-BD69-4E2F44A1EED5",
"versionEndExcluding": "4.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E645BE68-DB7B-48AC-8A51-CE576B902711",
"versionEndExcluding": "4.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6371B9FA-0137-4E3E-B32C-F56DD083F6E3",
"versionEndExcluding": "4.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD90CE56-9B4E-4293-9C46-1FF1348FF6BF",
"versionEndExcluding": "4.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2CC054-6101-450F-A063-7B51BC021A24",
"versionEndExcluding": "4.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F33F00E-48FC-4961-9BEA-C336B1238DAB",
"versionEndExcluding": "4.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF0A163-D7D9-4326-8695-DC8E735F908E",
"versionEndExcluding": "4.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3C40DE2-564E-4D08-A747-50B64D47C08A",
"versionEndExcluding": "4.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A8411B-EB2C-422C-BA70-ACF9ABF57F59",
"versionEndExcluding": "4.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC RF166C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF185C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF186C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF186CI (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF188C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF188CI (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF360R (All versions \u003c V2.0), SIMATIC Reader RF610R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF610R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF610R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF615R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF615R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF615R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R ARIB (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R ARIB (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R ARIB (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R FCC (All versions \u003e V3.0 \u003c V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SIMATIC RF166C (Todas las versiones posteriores a V1.1 y y anteriores a V1.3.2), SIMATIC RF185C (Todas las versiones posteriores a V1.1 y y anteriores a V1.3.2), SIMATIC RF186C (Todas las versiones posteriores a V1. 1 y y anteriores a V1.3.2), SIMATIC RF186CI (Todas las versiones posteriores a V1.1 y y anteriores a V1.3.2), SIMATIC RF188C (Todas las versiones posteriores a V1.1 y y anteriores a V1.3.2), SIMATIC RF188CI (Todas las versiones posteriores a V1.1 y y anteriores a V1.3. 2), SIMATIC RF360R (Todas las versiones y anteriores a V2.0), SIMATIC Reader RF610R CMIIT (Todas las versiones posteriores a V3.0 y anteriores a V4.0), SIMATIC Reader RF610R ETSI (Todas las versiones posteriores a V3.0 y anteriores a V4.0), SIMATIC Reader RF610R FCC (Todas las versiones posteriores a V3. 0 y anteriores a V4.0), Lector SIMATIC RF615R CMIIT (Todas las versiones posteriores a V3.0 y anteriores a V4.0), Lector SIMATIC RF615R ETSI (Todas las versiones posteriores a V3.0 y anteriores a V4.0), Lector SIMATIC RF615R FCC (Todas las versiones posteriores a V3. 0 y anteriores a V4.0), Lector SIMATIC RF650R ARIB (Todas las versiones posteriores a V3.0 y anteriores a V4.0), Lector SIMATIC RF650R CMIIT (Todas las versiones posteriores a V3.0 y anteriores a V4.0), Lector SIMATIC RF650R ETSI (Todas las versiones posteriores a V3. 0 y anteriores a V4.0), Lector SIMATIC RF650R FCC (Todas las versiones posteriores a V3.0 y anteriores a V4.0), Lector SIMATIC RF680R ARIB (Todas las versiones posteriores a V3.0 y anteriores a V4.0), Lector SIMATIC RF680R CMIIT (Todas las versiones posteriores a V3.0 y anteriores a V4. 0), SIMATIC Reader RF680R ETSI (Todas las versiones posteriores a V3.0 y anteriores a V4.0), SIMATIC Reader RF680R FCC (Todas las versiones posteriores a V3.0 y anteriores a V4.0), SIMATIC Reader RF685R ARIB (Todas las versiones posteriores a V3.0 y anteriores a V4. 0), SIMATIC Reader RF685R CMIIT (Todas las versiones posteriores a V3.0 y anteriores a V4.0), SIMATIC Reader RF685R ETSI (Todas las versiones posteriores a V3.0 y anteriores a V4.0), SIMATIC Reader RF685R FCC (Todas las versiones posteriores a V3.0 y anteriores a V4.0). Los dispositivos afectados no manejan adecuadamente un gran n\u00famero de conexiones entrantes. Un atacante puede aprovechar esto para provocar una situaci\u00f3n de denegaci\u00f3n de servicio"
}
],
"id": "CVE-2021-31340",
"lastModified": "2024-11-21T06:05:27.063",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-08T20:15:08.853",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-25 15:15
Modified
2024-11-21 06:21
Severity ?
Summary
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| openssl-security@openssl.org | http://www.openwall.com/lists/oss-security/2021/03/27/1 | Mailing List, Third Party Advisory | |
| openssl-security@openssl.org | http://www.openwall.com/lists/oss-security/2021/03/27/2 | Mailing List, Third Party Advisory | |
| openssl-security@openssl.org | http://www.openwall.com/lists/oss-security/2021/03/28/3 | Mailing List, Third Party Advisory | |
| openssl-security@openssl.org | http://www.openwall.com/lists/oss-security/2021/03/28/4 | Mailing List, Third Party Advisory | |
| openssl-security@openssl.org | https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf | Third Party Advisory | |
| openssl-security@openssl.org | https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf | Patch, Third Party Advisory | |
| openssl-security@openssl.org | https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148 | ||
| openssl-security@openssl.org | https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845 | Third Party Advisory | |
| openssl-security@openssl.org | https://kc.mcafee.com/corporate/index?page=content&id=SB10356 | Third Party Advisory | |
| openssl-security@openssl.org | https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html | Mailing List, Third Party Advisory | |
| openssl-security@openssl.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/ | ||
| openssl-security@openssl.org | https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013 | Third Party Advisory | |
| openssl-security@openssl.org | https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc | Third Party Advisory | |
| openssl-security@openssl.org | https://security.gentoo.org/glsa/202103-03 | Third Party Advisory | |
| openssl-security@openssl.org | https://security.netapp.com/advisory/ntap-20210326-0006/ | Third Party Advisory | |
| openssl-security@openssl.org | https://security.netapp.com/advisory/ntap-20210513-0002/ | Third Party Advisory | |
| openssl-security@openssl.org | https://security.netapp.com/advisory/ntap-20240621-0006/ | ||
| openssl-security@openssl.org | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd | Third Party Advisory | |
| openssl-security@openssl.org | https://www.debian.org/security/2021/dsa-4875 | Third Party Advisory | |
| openssl-security@openssl.org | https://www.openssl.org/news/secadv/20210325.txt | Vendor Advisory | |
| openssl-security@openssl.org | https://www.oracle.com//security-alerts/cpujul2021.html | Patch, Third Party Advisory | |
| openssl-security@openssl.org | https://www.oracle.com/security-alerts/cpuApr2021.html | Patch, Third Party Advisory | |
| openssl-security@openssl.org | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory | |
| openssl-security@openssl.org | https://www.oracle.com/security-alerts/cpujul2022.html | Third Party Advisory | |
| openssl-security@openssl.org | https://www.oracle.com/security-alerts/cpuoct2021.html | Third Party Advisory | |
| openssl-security@openssl.org | https://www.tenable.com/security/tns-2021-05 | Third Party Advisory | |
| openssl-security@openssl.org | https://www.tenable.com/security/tns-2021-06 | Third Party Advisory | |
| openssl-security@openssl.org | https://www.tenable.com/security/tns-2021-09 | Third Party Advisory | |
| openssl-security@openssl.org | https://www.tenable.com/security/tns-2021-10 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2021/03/27/1 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2021/03/27/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2021/03/28/3 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2021/03/28/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kc.mcafee.com/corporate/index?page=content&id=SB10356 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202103-03 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20210326-0006/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20210513-0002/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20240621-0006/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2021/dsa-4875 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openssl.org/news/secadv/20210325.txt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com//security-alerts/cpujul2021.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuApr2021.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujul2022.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuoct2021.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2021-05 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2021-06 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2021-09 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2021-10 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openssl | openssl | * | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| freebsd | freebsd | 12.2 | |
| freebsd | freebsd | 12.2 | |
| freebsd | freebsd | 12.2 | |
| netapp | active_iq_unified_manager | - | |
| netapp | cloud_volumes_ontap_mediator | - | |
| netapp | e-series_performance_analyzer | - | |
| netapp | oncommand_insight | - | |
| netapp | oncommand_workflow_automation | - | |
| netapp | ontap_select_deploy_administration_utility | - | |
| netapp | santricity_smi-s_provider | - | |
| netapp | snapcenter | - | |
| netapp | storagegrid | - | |
| tenable | log_correlation_engine | * | |
| tenable | nessus | * | |
| tenable | nessus_network_monitor | 5.11.0 | |
| tenable | nessus_network_monitor | 5.11.1 | |
| tenable | nessus_network_monitor | 5.12.0 | |
| tenable | nessus_network_monitor | 5.12.1 | |
| tenable | nessus_network_monitor | 5.13.0 | |
| tenable | tenable.sc | * | |
| fedoraproject | fedora | 34 | |
| mcafee | web_gateway | 8.2.19 | |
| mcafee | web_gateway | 9.2.10 | |
| mcafee | web_gateway | 10.1.1 | |
| mcafee | web_gateway_cloud_service | 8.2.19 | |
| mcafee | web_gateway_cloud_service | 9.2.10 | |
| mcafee | web_gateway_cloud_service | 10.1.1 | |
| checkpoint | quantum_security_management_firmware | r80.40 | |
| checkpoint | quantum_security_management_firmware | r81 | |
| checkpoint | quantum_security_management | - | |
| checkpoint | multi-domain_management_firmware | r80.40 | |
| checkpoint | multi-domain_management_firmware | r81 | |
| checkpoint | multi-domain_management | - | |
| checkpoint | quantum_security_gateway_firmware | r80.40 | |
| checkpoint | quantum_security_gateway_firmware | r81 | |
| checkpoint | quantum_security_gateway | - | |
| oracle | communications_communications_policy_management | 12.6.0.0.0 | |
| oracle | enterprise_manager_for_storage_management | 13.4.0.0 | |
| oracle | essbase | 21.2 | |
| oracle | graalvm | 19.3.5 | |
| oracle | graalvm | 20.3.1.2 | |
| oracle | graalvm | 21.0.0.2 | |
| oracle | jd_edwards_enterpriseone_tools | * | |
| oracle | jd_edwards_world_security | a9.4 | |
| oracle | mysql_connectors | * | |
| oracle | mysql_server | * | |
| oracle | mysql_server | * | |
| oracle | mysql_workbench | * | |
| oracle | peoplesoft_enterprise_peopletools | 8.57 | |
| oracle | peoplesoft_enterprise_peopletools | 8.58 | |
| oracle | peoplesoft_enterprise_peopletools | 8.59 | |
| oracle | primavera_unifier | * | |
| oracle | primavera_unifier | 19.12 | |
| oracle | primavera_unifier | 20.12 | |
| oracle | primavera_unifier | 21.12 | |
| oracle | secure_backup | * | |
| oracle | secure_global_desktop | 5.6 | |
| oracle | zfs_storage_appliance_kit | 8.8 | |
| sonicwall | sma100_firmware | * | |
| sonicwall | sma100 | - | |
| sonicwall | capture_client | 3.5 | |
| sonicwall | sonicos | 7.0.1.0 | |
| siemens | ruggedcom_rcm1224_firmware | * | |
| siemens | ruggedcom_rcm1224 | - | |
| siemens | scalance_lpe9403_firmware | * | |
| siemens | scalance_lpe9403 | - | |
| siemens | scalance_m-800_firmware | * | |
| siemens | scalance_m-800 | - | |
| siemens | scalance_s602_firmware | * | |
| siemens | scalance_s602 | - | |
| siemens | scalance_s612_firmware | * | |
| siemens | scalance_s612 | - | |
| siemens | scalance_s615_firmware | * | |
| siemens | scalance_s615 | - | |
| siemens | scalance_s623_firmware | * | |
| siemens | scalance_s623 | - | |
| siemens | scalance_s627-2m_firmware | * | |
| siemens | scalance_s627-2m | - | |
| siemens | scalance_sc-600_firmware | * | |
| siemens | scalance_sc-600 | - | |
| siemens | scalance_w700_firmware | * | |
| siemens | scalance_w700 | - | |
| siemens | scalance_w1700_firmware | * | |
| siemens | scalance_w1700 | - | |
| siemens | scalance_xb-200_firmware | * | |
| siemens | scalance_xb-200 | - | |
| siemens | scalance_xc-200_firmware | * | |
| siemens | scalance_xc-200 | - | |
| siemens | scalance_xf-200ba_firmware | * | |
| siemens | scalance_xf-200ba | - | |
| siemens | scalance_xm-400_firmware | * | |
| siemens | scalance_xm-400 | - | |
| siemens | scalance_xp-200_firmware | * | |
| siemens | scalance_xp-200 | - | |
| siemens | scalance_xr-300wg_firmware | * | |
| siemens | scalance_xr-300wg | - | |
| siemens | scalance_xr524-8c_firmware | * | |
| siemens | scalance_xr524-8c | - | |
| siemens | scalance_xr526-8c_firmware | * | |
| siemens | scalance_xr526-8c | - | |
| siemens | scalance_xr528-6m_firmware | * | |
| siemens | scalance_xr528-6m | - | |
| siemens | scalance_xr552-12_firmware | * | |
| siemens | scalance_xr552-12 | - | |
| siemens | simatic_cloud_connect_7_firmware | * | |
| siemens | simatic_cloud_connect_7_firmware | - | |
| siemens | simatic_cloud_connect_7 | - | |
| siemens | simatic_cp_1242-7_gprs_v2_firmware | * | |
| siemens | simatic_cp_1242-7_gprs_v2_firmware | - | |
| siemens | simatic_cp_1242-7_gprs_v2 | - | |
| siemens | simatic_hmi_basic_panels_2nd_generation_firmware | * | |
| siemens | simatic_hmi_basic_panels_2nd_generation | - | |
| siemens | simatic_hmi_comfort_outdoor_panels_firmware | * | |
| siemens | simatic_hmi_comfort_outdoor_panels | - | |
| siemens | simatic_hmi_ktp_mobile_panels_firmware | * | |
| siemens | simatic_hmi_ktp_mobile_panels | - | |
| siemens | simatic_mv500_firmware | * | |
| siemens | simatic_mv500 | - | |
| siemens | simatic_net_cp_1243-1_firmware | * | |
| siemens | simatic_net_cp_1243-1 | - | |
| siemens | simatic_net_cp1243-7_lte_eu_firmware | * | |
| siemens | simatic_net_cp1243-7_lte_eu | - | |
| siemens | simatic_net_cp1243-7_lte_us_firmware | * | |
| siemens | simatic_net_cp1243-7_lte_us | - | |
| siemens | simatic_net_cp_1243-8_irc_firmware | * | |
| siemens | simatic_net_cp_1243-8_irc | - | |
| siemens | simatic_net_cp_1542sp-1_irc_firmware | * | |
| siemens | simatic_net_cp_1542sp-1_irc | - | |
| siemens | simatic_net_cp_1543-1_firmware | * | |
| siemens | simatic_net_cp_1543-1 | - | |
| siemens | simatic_net_cp_1543sp-1_firmware | * | |
| siemens | simatic_net_cp_1543sp-1 | - | |
| siemens | simatic_net_cp_1545-1_firmware | * | |
| siemens | simatic_net_cp_1545-1 | - | |
| siemens | simatic_pcs_7_telecontrol_firmware | * | |
| siemens | simatic_pcs_7_telecontrol | - | |
| siemens | simatic_pcs_neo_firmware | * | |
| siemens | simatic_pcs_neo | - | |
| siemens | simatic_pdm_firmware | * | |
| siemens | simatic_pdm | - | |
| siemens | simatic_process_historian_opc_ua_server_firmware | * | |
| siemens | simatic_process_historian_opc_ua_server | - | |
| siemens | simatic_rf166c_firmware | * | |
| siemens | simatic_rf166c | - | |
| siemens | simatic_rf185c_firmware | * | |
| siemens | simatic_rf185c | - | |
| siemens | simatic_rf186c_firmware | * | |
| siemens | simatic_rf186c | - | |
| siemens | simatic_rf186ci_firmware | * | |
| siemens | simatic_rf186ci | - | |
| siemens | simatic_rf188c_firmware | * | |
| siemens | simatic_rf188c | - | |
| siemens | simatic_rf188ci_firmware | * | |
| siemens | simatic_rf188ci | - | |
| siemens | simatic_rf360r_firmware | * | |
| siemens | simatic_rf360r | - | |
| siemens | simatic_s7-1200_cpu_1211c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1211c | - | |
| siemens | simatic_s7-1200_cpu_1212c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1212c | - | |
| siemens | simatic_s7-1200_cpu_1212fc_firmware | * | |
| siemens | simatic_s7-1200_cpu_1212fc | - | |
| siemens | simatic_s7-1200_cpu_1214_fc_firmware | * | |
| siemens | simatic_s7-1200_cpu_1214_fc | - | |
| siemens | simatic_s7-1200_cpu_1214c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1214c | - | |
| siemens | simatic_s7-1200_cpu_1214_fc_firmware | * | |
| siemens | simatic_s7-1200_cpu_1214_fc | - | |
| siemens | simatic_s7-1200_cpu_1215_fc_firmware | * | |
| siemens | simatic_s7-1200_cpu_1215_fc | - | |
| siemens | simatic_s7-1200_cpu_1215c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1215c | - | |
| siemens | simatic_s7-1200_cpu_1217c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1217c | - | |
| siemens | simatic_s7-1500_cpu_1518-4_pn\/dp_mfp_firmware | * | |
| siemens | simatic_s7-1500_cpu_1518-4_pn\/dp_mfp | - | |
| siemens | sinamics_connect_300_firmware | * | |
| siemens | sinamics_connect_300 | - | |
| siemens | tim_1531_irc_firmware | * | |
| siemens | tim_1531_irc | - | |
| siemens | simatic_logon | * | |
| siemens | simatic_logon | 1.5 | |
| siemens | simatic_wincc_runtime_advanced | * | |
| siemens | simatic_wincc_telecontrol | - | |
| siemens | sinec_nms | 1.0 | |
| siemens | sinec_nms | 1.0 | |
| siemens | sinec_pni | - | |
| siemens | sinema_server | 14.0 | |
| siemens | sinema_server | 14.0 | |
| siemens | sinema_server | 14.0 | |
| siemens | sinema_server | 14.0 | |
| siemens | sinema_server | 14.0 | |
| siemens | sinumerik_opc_ua_server | * | |
| siemens | tia_administrator | * | |
| siemens | sinec_infrastructure_network_services | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * | |
| nodejs | node.js | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B213E696-A6D9-45E7-B4E4-E4CFE54ECEB8",
"versionEndExcluding": "1.1.1k",
"versionStartIncluding": "1.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:-:*:*:*:*:*:*",
"matchCriteriaId": "73D9C08B-8F5B-40C4-A5BD-B00D2E4C012D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "62A178A3-6A52-4981-9A27-FB07AD8AF778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "54A487B1-E5CE-4C76-87E8-518D24C5D86D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_volumes_ontap_mediator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "280AA828-6FA9-4260-8EC1-019423B966E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24B8DB06-590A-4008-B0AB-FCD1401C77C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*",
"matchCriteriaId": "361B791A-D336-4431-8F68-8135BEFFAEA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8ADFF451-740F-4DBA-BD23-3881945D3E40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4ACF85D6-6B45-43DA-9C01-F0208186F014",
"versionEndExcluding": "6.0.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AC12300-9051-4C70-9941-9FE5E64B4B30",
"versionEndIncluding": "8.13.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "657682A0-54D5-4DC6-A98E-8BAF685926C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC5C76C-3474-4B26-8CF0-2DFAFA3D5458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8661D361-71B5-4C41-A818-C89EC551D900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "253603DC-2D92-442A-B3A8-A63E14D8A070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E112CFF-31F9-4D87-9A1B-AE0FCF69615E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC1721B5-9FCD-47C3-8338-E02932CF2C05",
"versionEndIncluding": "5.17.0",
"versionStartIncluding": "5.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:web_gateway:8.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "DEA7F1FD-9FAB-4654-98B0-4588EEC8B69A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:web_gateway:9.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "868B2C4B-CE6B-41DA-A373-7D4FA51EFE9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:web_gateway:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "550F47A2-3393-481E-BC40-CE606BFA8776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:web_gateway_cloud_service:8.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "43392D27-6C07-41C7-A17F-10C433338CE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:web_gateway_cloud_service:9.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8FBF6C4C-195F-49A7-861D-52677D9BE58D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:web_gateway_cloud_service:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90732D53-E802-4E1B-B6C8-B1FDCE7905A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_security_management_firmware:r80.40:*:*:*:*:*:*:*",
"matchCriteriaId": "A98B128A-C58E-48EC-B691-AF73126A0822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:checkpoint:quantum_security_management_firmware:r81:*:*:*:*:*:*:*",
"matchCriteriaId": "345B990F-C1C4-440B-804E-0A2882FE7C01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_security_management:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08601413-25E2-4977-B67A-C11A9D788EA8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:multi-domain_management_firmware:r80.40:*:*:*:*:*:*:*",
"matchCriteriaId": "EFC067CC-EB90-43F5-9674-089D5C611573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:checkpoint:multi-domain_management_firmware:r81:*:*:*:*:*:*:*",
"matchCriteriaId": "80B223A7-1039-445D-ABE1-5E481004D956",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:multi-domain_management:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1584E1B4-412C-40E2-BF07-4E464692F2AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r80.40:*:*:*:*:*:*:*",
"matchCriteriaId": "A0002A29-8B42-445D-9EC4-58BC93194241",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r81:*:*:*:*:*:*:*",
"matchCriteriaId": "3B0EDB21-9305-4601-AB96-A77BD00F311D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9016DDF6-285C-4E64-88D0-29ECCEF048F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_communications_policy_management:12.6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "570DB369-A31B-4108-A7FD-09F674129603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_for_storage_management:13.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61516569-C48F-4362-B334-8CA10EDB0EC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:essbase:21.2:*:*:*:*:*:*:*",
"matchCriteriaId": "394A16F2-CCD4-44E5-BF6B-E0C782A9FA38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:graalvm:19.3.5:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "058C7C4B-D692-49DE-924A-C2725A8162D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:graalvm:20.3.1.2:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "0F0434A5-F2A1-4973-917C-A95F2ABE97D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:graalvm:21.0.0.2:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "96DD93E0-274E-4C36-99F3-EEF085E57655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86305E47-33E9-411C-B932-08C395C09982",
"versionEndExcluding": "9.2.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0B1CAD50-749F-4ADB-A046-BF3585677A58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8782A14-89B0-45EE-A5CB-FF715F5BA379",
"versionEndIncluding": "8.0.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C40ECC8-933B-47A4-8082-FCF0EF9C973E",
"versionEndIncluding": "5.7.33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32714AD7-BCD1-4624-9923-5E6D927CF3CB",
"versionEndIncluding": "8.0.23",
"versionStartIncluding": "8.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1A94E1-A6C6-488D-A74C-6C0B24637272",
"versionEndIncluding": "8.0.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1E416B-920B-49A0-9523-382898C2979D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
"matchCriteriaId": "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*",
"matchCriteriaId": "C8AF00C6-B97F-414D-A8DF-057E6BFD8597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08FA59A8-6A62-4B33-8952-D6E658F8DAC9",
"versionEndIncluding": "17.12",
"versionStartIncluding": "17.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*",
"matchCriteriaId": "10864586-270E-4ACF-BDCC-ECFCD299305F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*",
"matchCriteriaId": "38340E3C-C452-4370-86D4-355B6B4E0A06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E9C55C69-E22E-4B80-9371-5CD821D79FE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C01E8B82-71C7-4A4A-A70A-7B147524AB4A",
"versionEndExcluding": "18.1.0.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:secure_global_desktop:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9DA11710-9EA8-49B4-8FD1-3AEE442F6ADC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sma100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E8B6D50-D482-43E9-A20D-FA77FD59AE2D",
"versionEndExcluding": "10.2.1.0-17sv",
"versionStartIncluding": "10.2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:sma100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E4A2B7B-40F5-4AE0-ACC7-E94B82435DBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:capture_client:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "349EB4AE-65E3-42DC-8F9C-3A1A155324D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:7.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD8688A-2D55-4A7E-A143-1BD0FCF957B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rcm1224_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5081E52B-E7C0-46BD-B1D0-2C70ABCC8831",
"versionStartIncluding": "6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rcm1224:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3747CDD7-E833-4B68-A362-77D6A2E9D888",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_lpe9403_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "058D21EA-E94C-4DDC-AD92-967DAC934457",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_lpe9403:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52A77C9D-E59C-4397-B834-797D7B334A6B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "424CD8EA-D8CB-40C7-8E0F-AC4B05C59C99",
"versionStartIncluding": "6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB9921A-5204-40A3-88AB-B7755F5C6875",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s602_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "858B6A84-5D0E-4E23-AE32-A45B51BAC8CF",
"versionStartIncluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s602:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D89D82-C2CE-44DC-A05B-B956F20BF4E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s612_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D173626B-9C50-489F-8BA4-1C45E5F96526",
"versionStartIncluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA7B48D2-0D17-420D-AAE1-35E5C0BE2924",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E967F5FC-6F3E-4982-8813-CA1DAF3BE165",
"versionStartIncluding": "6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s623_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81F315D8-0B26-4442-B330-85124017A482",
"versionStartIncluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s623:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80D9A79-7984-462B-B4B9-6A4429422038",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s627-2m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F20F735-7A70-4A24-9621-786F99C8F87D",
"versionStartIncluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s627-2m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B51B40F8-71D2-4D2D-8EC2-CE154A6D7533",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_sc-600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "973B8030-B630-4D67-B897-25A359A96185",
"versionStartIncluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_sc-600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "725C671B-D7A0-48CF-8A31-5F9C4173F1DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86EA8E3F-81BD-47BC-9834-A9B69CA7E70C",
"versionStartIncluding": "6.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3033B1E-57A6-4AE3-A861-7047CF8EAD79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w1700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE116AD9-B55F-41C8-8B55-329809DB63E1",
"versionStartIncluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D9A73DD-4A21-4096-B4B6-A0A825E71006",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "144CDF5E-7E07-428B-B4DF-C94992B3A44A",
"versionEndExcluding": "4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB3CC2D-CBF0-4F53-A412-01BBC39E34C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "339FFBDF-6957-481F-84CE-878B5CAAD9C8",
"versionEndExcluding": "4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7719E194-EE3D-4CE8-8C85-CF0D82A553AA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBB13D3-4E04-4D01-B880-C16C4FFA240B",
"versionEndExcluding": "4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58377C58-F660-4C17-A3CB-BFC2F28848CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_xm-400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E40058B3-3726-4F6A-AB41-7679487639F2",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_xm-400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "798E900F-5EF9-4B39-B8C2-79FAE659E7F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E642D10-E701-44DF-863B-D0DAA5530F50",
"versionEndExcluding": "4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F962FC7-0616-467F-8CCA-ADEA224B5F7B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A53C2B5-A3FD-44CC-A78B-D2124EF37DB4",
"versionEndExcluding": "4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "434BC9BE-C5DB-4DAF-8E07-DFE4EEA0D7FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_xr524-8c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54FBE4D4-F31E-4B61-9216-44C8EC2988AB",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_xr524-8c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E6B7D8-3F9E-43D6-AEFE-DEE3993679C5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_xr526-8c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20511D61-FC1D-453E-BDF6-D3FB9951192A",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_xr526-8c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67661569-6233-4C74-9C72-88BD14B257FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_xr528-6m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "640AC619-B516-46FC-821B-09C4542A3FD6",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_xr528-6m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E048C4A-A414-4C87-A865-4D4218AE32EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_xr552-12_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB979DB-731B-4693-A9F8-B11ED953717C",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_xr552-12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09743616-31C9-4E47-8A4A-B15D76204BE7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_cloud_connect_7_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "886D2FE6-B054-4E3B-BACB-F08C0A119A80",
"versionStartIncluding": "1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_cloud_connect_7_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B185B70-CAC9-47AC-8639-7A4707C21540",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_cloud_connect_7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA78457-260C-467B-9785-04B3C8EDF3B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_cp_1242-7_gprs_v2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEA3BEE-E7AF-4C9A-ADE4-CE7FC1DB7639",
"versionStartIncluding": "3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_cp_1242-7_gprs_v2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "049460B8-6186-44F9-B41F-284A2EC0B3B4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_cp_1242-7_gprs_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "205482DA-548C-4757-91F0-1599438873BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_basic_panels_2nd_generation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45208694-635A-42AC-B668-8B67C60568B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_basic_panels_2nd_generation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D8F8BCE-35CE-492A-8BFE-2C36EA51CE5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C147D9-4649-4289-B18B-55BD6E33521A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4830E0D-0128-4E5B-AB81-2B238471AE4B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54EFA8B5-8DA1-4547-9E15-BDC265C56006",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CEB200-E38F-4629-9279-5AF065396678",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_mv500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4FA1E6-4C5A-4CDC-AD40-E384C0BCA90D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_mv500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93A5B50E-0316-4189-8F41-54732CFCF63F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1243-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D254DA1D-C53E-426B-9C69-580CC47CF0AA",
"versionStartIncluding": "3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1243-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65278BA0-3C81-4D81-9801-D7BE3A1D7680",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_net_cp1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C06A02ED-0BA3-4A2C-AF0C-689B8AEB34B8",
"versionStartIncluding": "3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_net_cp1243-7_lte_eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7B1E-10F6-4215-AF69-CC36192E0FCE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_net_cp1243-7_lte_us_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8C00EE-1154-440C-A223-A2CE99CE3126",
"versionStartIncluding": "3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_net_cp1243-7_lte_us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "171A9543-E677-422F-8AEA-1BC2D0E53593",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB201DD3-8890-453E-A11E-1E13B3DAB3F9",
"versionStartIncluding": "3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1243-8_irc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "350FD323-C876-4C7A-A2E7-4B0660C87F6C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61E498B1-87FF-454B-8DF0-61D0D3208491",
"versionStartIncluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1542sp-1_irc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1EE2F10-A7A6-486F-AE5C-53AE25BAF200",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90FB801F-11B5-438C-98A1-E928BFEA2ADB",
"versionEndExcluding": "3.0",
"versionStartIncluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1543-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F56C2BDC-928E-491A-8E7C-F976B3787C7A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E4BA1E6-64F7-4B96-8302-134057DAB1BE",
"versionStartIncluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1543sp-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "783B50B8-2FB7-4982-88AA-B4F2AD094796",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_net_cp_1545-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DCA9544-DD17-4F56-B34C-91A3F37154AF",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_net_cp_1545-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1256EB4B-DD8A-4F99-AE69-F74E8F789C63",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_pcs_7_telecontrol_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C25165E-EDE9-42F1-A3B9-0E47630D49CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_pcs_7_telecontrol:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF281FB-26E0-43E4-A2B6-4015661368AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_pcs_neo_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EEACFC9-41B7-4EE0-9427-692363880326",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_pcs_neo:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3CA343-CA2A-4593-930C-158612CE7A55",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_pdm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9AE23E-7DAE-4191-BA4E-A7CD655C4BC8",
"versionStartIncluding": "9.1.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_pdm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E092B735-42D5-48D5-947B-288C0FA2E180",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_process_historian_opc_ua_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D874D636-392A-4750-B976-F411DBCEBA8D",
"versionStartIncluding": "2019",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_process_historian_opc_ua_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14EC9343-7778-40B0-A74D-5C156FF2A229",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "968FBB4E-5B0B-43D4-B3AD-418028093990",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5212F097-B65A-4D73-BB6F-49687F8AD980",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D806113B-57EB-4AA0-9D5E-12E30337A93B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53FA50A7-2DF6-454E-8A8E-838C392AB417",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3D41E9-58B3-4251-8710-A8C4A24ABBD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC628CB7-0816-4267-9C5D-954BD0233D2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88E64167-16AA-48D7-BCDC-B15D37FA666D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1211c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47F1294A-1C26-4D43-9C53-D833F2510536",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1211c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3871C0C9-C65E-4E0B-9CA8-75E60066297F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1212c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AF60081-D534-44F5-972F-23257F16F372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1212c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07849777-92E7-41D2-9128-F8D20DE15391",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1212fc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF1726E-B56F-4D39-AFF4-E79A3CA00DE6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1212fc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68B3573B-A31E-4489-B2DD-B01B5C1D03CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214_fc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CC4A9F7-9858-4F95-8097-F8D09DA61314",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214_fc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B640800C-9263-4BEA-9DA5-1323932540BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4948734A-0AAD-4D28-B7FF-FFBBB9AA39C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE17584A-BF7A-48B8-A9CB-477663766C63",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214_fc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CC4A9F7-9858-4F95-8097-F8D09DA61314",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214_fc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B640800C-9263-4BEA-9DA5-1323932540BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1215_fc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE37798-B068-40E5-BC03-1D8D303E5926",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215_fc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C7D55C-8D99-4E2F-A254-1BDE2B12A203",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1215c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E0C491C-5C4A-4F1C-ABD4-9502A54AAA78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC4698CF-F935-4707-BA91-7E3650C7956C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1217c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7657063-1296-4734-B108-A2FF7A01B07F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1217c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "232279DE-CF1C-4A3C-886D-B4CE3F104F09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518-4_pn\\/dp_mfp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C477CCD-06C7-4907-8B0C-4FCE7F6DADAD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn\\/dp_mfp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BC4FA01-8DDB-41E4-B759-7B504F78AEBC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sinamics_connect_300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3360ACCE-E735-4E34-B278-0D4460E74CBF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sinamics_connect_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B854F5B-78C7-41FE-9364-5E71B36342A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:tim_1531_irc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2B20D95-C4B3-4D13-A3D8-F22AC42DC059",
"versionEndExcluding": "2.2",
"versionStartIncluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1D94BEB-BBFB-4258-9835-87DBBB999239",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_logon:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6F24E40-F3F0-48F3-B3DC-5F98B0564F7A",
"versionStartIncluding": "1.6.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_logon:1.5:sp3_update_1:*:*:*:*:*:*",
"matchCriteriaId": "423359E5-9C36-4C6B-AB24-B030E6C61D53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79EE15DC-74D3-4551-AAD0-EA0CB600DA76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_telecontrol:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3169FD3-CBA2-417C-95EF-4F8AE9FAB5AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinec_nms:1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "4ED13FC8-63C0-42C6-A51C-C480C45327C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinec_nms:1.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "E68FE047-8F53-46B8-82D4-9342B1C8CA55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinec_pni:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1353DC31-FB12-427A-B1B2-9164A4BEE14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinema_server:14.0:-:*:*:*:*:*:*",
"matchCriteriaId": "B0A5CC25-A323-4D49-8989-5A417D12D646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinema_server:14.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "A690BCD3-6497-43F7-8A51-E033B9121DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinema_server:14.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "AA375D44-ECC5-4BD3-A3D5-6D2AA68782D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinema_server:14.0:sp2_update1:*:*:*:*:*:*",
"matchCriteriaId": "6CD26C73-B61F-424B-91C2-352E2CAE6666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinema_server:14.0:sp2_update2:*:*:*:*:*:*",
"matchCriteriaId": "DB4EA15F-ECA4-477F-948F-490FC90BC66A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinumerik_opc_ua_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA14E65-214C-431D-A49A-D8FC142D4541",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:tia_administrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "915B09CB-CA0A-445B-89D3-16AE9B08858E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F46497-4AB0-49A7-9453-CC26837BF253",
"versionEndExcluding": "1.0.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"matchCriteriaId": "25A3180B-21AF-4010-9DAB-41ADFD2D8031",
"versionEndIncluding": "10.12.0",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "43B199B4-D89C-483D-ACAE-6CB2A59EE67C",
"versionEndIncluding": "10.24.0",
"versionStartIncluding": "10.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"matchCriteriaId": "564ED5C8-50D7-413A-B88E-E62B6C07336A",
"versionEndIncluding": "12.12.0",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "3DEBF7C8-B000-47B9-B597-DC440F2603B3",
"versionEndExcluding": "12.22.1",
"versionStartIncluding": "12.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"matchCriteriaId": "428DCD7B-6F66-4F18-B780-5BD80143D482",
"versionEndIncluding": "14.14.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "380D03F3-6A7E-43A2-B002-FB2521FD3C58",
"versionEndExcluding": "14.16.1",
"versionStartIncluding": "14.15.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"matchCriteriaId": "3ED4D313-F372-4CC1-BE11-6BBA2F0E90E3",
"versionEndExcluding": "15.14.0",
"versionStartIncluding": "15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)."
},
{
"lang": "es",
"value": "Un servidor OpenSSL TLS puede cometer un fallo si un cliente env\u00eda un mensaje ClientHello de renegociaci\u00f3n dise\u00f1ado maliciosamente.\u0026#xa0;Si una renegociaci\u00f3n de TLSv1.2 ClientHello omite la extensi\u00f3n signature_algorithms (donde estaba presente en el ClientHello inicial), pero incluye una extensi\u00f3n signature_algorithms_cert, se producir\u00e1 una desreferencia del puntero NULL, lo que conllevar\u00e1 un bloqueo y un ataque de denegaci\u00f3n de servicio.\u0026#xa0;Un servidor solo es vulnerable si tiene TLSv1.2 y la renegociaci\u00f3n habilitada (que es la configuraci\u00f3n predeterminada).\u0026#xa0;Los clientes de OpenSSL TLS no est\u00e1n afectados por este problema.\u0026#xa0;Todas las versiones de OpenSSL versi\u00f3n 1.1.1 est\u00e1n afectadas por este problema.\u0026#xa0;Los usuarios de estas versiones deben actualizar a OpenSSL versi\u00f3n 1.1.1k.\u0026#xa0;OpenSSL versi\u00f3n 1.0.2 no est\u00e1 afectado por este problema.\u0026#xa0;Corregido en OpenSSL versi\u00f3n 1.1.1k (Afectadas versiones 1.1.1-1.1.1j)"
}
],
"id": "CVE-2021-3449",
"lastModified": "2024-11-21T06:21:33.050",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-25T15:15:13.450",
"references": [
{
"source": "openssl-security@openssl.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/03/27/1"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/03/27/2"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/03/28/3"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/03/28/4"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf"
},
{
"source": "openssl-security@openssl.org",
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Third Party Advisory"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10356"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html"
},
{
"source": "openssl-security@openssl.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202103-03"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210326-0006/"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210513-0002/"
},
{
"source": "openssl-security@openssl.org",
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4875"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssl.org/news/secadv/20210325.txt"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-05"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-06"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-09"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/03/27/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/03/27/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/03/28/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/03/28/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10356"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202103-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210326-0006/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210513-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4875"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssl.org/news/secadv/20210325.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-05"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-06"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-09"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-10"
}
],
"sourceIdentifier": "openssl-security@openssl.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-10 10:15
Modified
2024-09-18 15:31
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected devices does not properly handle the error in case of exceeding characters while setting SNMP leading to the restart of the application.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-765405.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_rf360r_firmware | * | |
| siemens | simatic_rf360r | - | |
| siemens | simatic_rf1170r_firmware | * | |
| siemens | simatic_rf1170r | - | |
| siemens | simatic_rf1140r_firmware | * | |
| siemens | simatic_rf1140r | - | |
| siemens | simatic_reader_rf685r_fcc_firmware | * | |
| siemens | simatic_reader_rf685r_fcc | - | |
| siemens | simatic_reader_rf685r_etsi_firmware | * | |
| siemens | simatic_reader_rf685r_etsi | - | |
| siemens | simatic_reader_rf685r_cmiit_firmware | * | |
| siemens | simatic_reader_rf685r_cmiit | - | |
| siemens | simatic_reader_rf685r_arib_firmware | * | |
| siemens | simatic_reader_rf685r_arib | - | |
| siemens | simatic_reader_rf680r_fcc_firmware | * | |
| siemens | simatic_reader_rf680r_fcc | - | |
| siemens | simatic_reader_rf680r_etsi_firmware | * | |
| siemens | simatic_reader_rf680r_etsi | - | |
| siemens | simatic_reader_rf680r_cmiit_firmware | * | |
| siemens | simatic_reader_rf680r_cmiit | - | |
| siemens | simatic_reader_rf680r_arib_firmware | * | |
| siemens | simatic_reader_rf680r_arib | - | |
| siemens | simatic_reader_rf650r_fcc_firmware | * | |
| siemens | simatic_reader_rf650r_fcc | - | |
| siemens | simatic_reader_rf650r_etsi_firmware | * | |
| siemens | simatic_reader_rf650r_etsi | - | |
| siemens | simatic_reader_rf650r_cmiit_firmware | * | |
| siemens | simatic_reader_rf650r_cmiit | - | |
| siemens | simatic_reader_rf650r_arib_firmware | * | |
| siemens | simatic_reader_rf650r_arib | - | |
| siemens | simatic_reader_rf615r_fcc_firmware | * | |
| siemens | simatic_reader_rf615r_fcc | - | |
| siemens | simatic_reader_rf615r_etsi_firmware | * | |
| siemens | simatic_reader_rf615r_etsi | - | |
| siemens | simatic_reader_rf615r_cmiit_firmware | * | |
| siemens | simatic_reader_rf615r_cmiit | - | |
| siemens | simatic_reader_rf610r_fcc_firmware | * | |
| siemens | simatic_reader_rf610r_fcc | - | |
| siemens | simatic_reader_rf610r_etsi_firmware | * | |
| siemens | simatic_reader_rf610r_etsi | - | |
| siemens | simatic_reader_rf610r_cmiit_firmware | * | |
| siemens | simatic_reader_rf610r_cmiit | - | |
| siemens | simatic_rf188ci_firmware | * | |
| siemens | simatic_rf188ci | - | |
| siemens | simatic_rf188c_firmware | * | |
| siemens | simatic_rf188c | - | |
| siemens | simatic_rf186ci_firmware | * | |
| siemens | simatic_rf186ci | - | |
| siemens | simatic_rf186c_firmware | * | |
| siemens | simatic_rf186c | - | |
| siemens | simatic_rf185c_firmware | * | |
| siemens | simatic_rf185c | - | |
| siemens | simatic_rf166c_firmware | * | |
| siemens | simatic_rf166c | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8930F2B-7C37-4059-85FC-0316B631C860",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC216594-D56B-454D-BD2C-50631B8C8F9C",
"versionEndExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8AD128-F6E2-45BD-9098-EC559D193194",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11F4F714-F802-4D13-A965-0A22B80DA9D0",
"versionEndExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA20BB5-024E-4389-A0FE-C218E15D31A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F61801B9-80FD-45EC-9A20-5C703CB8BE76",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "058EDB3A-31B8-482F-B825-B0A7E192356E",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC4D21-B225-4349-A8E8-68780CC465D1",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E84B475-1FB7-4BF1-880B-8DB5137BB941",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "970B3705-6172-4C00-B402-30A7F23C5A08",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D261FBC-1E4C-4016-AD0E-F234EE36F09A",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B465BD-D425-44C7-931C-E6DAABB79B67",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28C49CB8-179A-47B7-9B04-FC214382B643",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "896E8488-0AB0-4C39-9729-1E42F4C28419",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E525612D-8273-42FD-8DAD-D589ED61C9D6",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "130361E8-6979-492F-89A3-4EFFF8F5379F",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC98A393-C374-4411-94FE-9832CD8690ED",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5DA457-347E-4B6B-8003-882BD4D95D64",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B07B2FDF-E6A5-4E06-9328-01F311E85AF9",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84F1472B-A584-4712-BEF7-7B4BDE166CE2",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7DB4915-E989-4085-B201-C5CCC86AB924",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B280EE0D-F3F9-46E3-949F-109844428C35",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E86AC831-9FB9-4D17-AA06-E68C176F1A23",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A27B28F-A037-4730-A0DD-96BB568F4A58",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D48EE1B0-3010-44F2-AEF9-A3E35BD03971",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected devices does not properly handle the error in case of exceeding characters while setting SNMP leading to the restart of the application."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC RF1140R (6GT2831-6CB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF1170R (6GT2831-6BB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF166C (6GT2002-0EE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF185C (6GT2002-0JE10) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186C (6GT2002-0JE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186CI (6GT2002-0JE50) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188C (6GT2002-0JE40) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188CI (6GT2002-0JE60) (Todas las versiones \u0026lt; V2.2), SIMATIC RF360R (6GT2801-5BA30) (Todas las versiones \u0026lt; V2.2). Los dispositivos afectados no gestionan correctamente el error en caso de exceso de caracteres al configurar SNMP, lo que provoca el reinicio de la aplicaci\u00f3n."
}
],
"id": "CVE-2024-37992",
"lastModified": "2024-09-18T15:31:27.597",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"automatable": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityRequirements": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"subsequentSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"vulnerableSystemAvailability": "HIGH",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE"
},
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
},
"published": "2024-09-10T10:15:10.837",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-703"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-10 10:15
Modified
2024-09-18 15:35
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected application contains a hidden configuration item to enable debug functionality. This could allow an attacker to gain insight into the internal configuration of the deployment.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-765405.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_rf360r_firmware | * | |
| siemens | simatic_rf360r | - | |
| siemens | simatic_rf1170r_firmware | * | |
| siemens | simatic_rf1170r | - | |
| siemens | simatic_rf1140r_firmware | * | |
| siemens | simatic_rf1140r | - | |
| siemens | simatic_reader_rf685r_fcc_firmware | * | |
| siemens | simatic_reader_rf685r_fcc | - | |
| siemens | simatic_reader_rf685r_etsi_firmware | * | |
| siemens | simatic_reader_rf685r_etsi | - | |
| siemens | simatic_reader_rf685r_cmiit_firmware | * | |
| siemens | simatic_reader_rf685r_cmiit | - | |
| siemens | simatic_reader_rf685r_arib_firmware | * | |
| siemens | simatic_reader_rf685r_arib | - | |
| siemens | simatic_reader_rf680r_fcc_firmware | * | |
| siemens | simatic_reader_rf680r_fcc | - | |
| siemens | simatic_reader_rf680r_etsi_firmware | * | |
| siemens | simatic_reader_rf680r_etsi | - | |
| siemens | simatic_reader_rf680r_cmiit_firmware | * | |
| siemens | simatic_reader_rf680r_cmiit | - | |
| siemens | simatic_reader_rf680r_arib_firmware | * | |
| siemens | simatic_reader_rf680r_arib | - | |
| siemens | simatic_reader_rf650r_fcc_firmware | * | |
| siemens | simatic_reader_rf650r_fcc | - | |
| siemens | simatic_reader_rf650r_etsi_firmware | * | |
| siemens | simatic_reader_rf650r_etsi | - | |
| siemens | simatic_reader_rf650r_cmiit_firmware | * | |
| siemens | simatic_reader_rf650r_cmiit | - | |
| siemens | simatic_reader_rf650r_arib_firmware | * | |
| siemens | simatic_reader_rf650r_arib | - | |
| siemens | simatic_reader_rf615r_fcc_firmware | * | |
| siemens | simatic_reader_rf615r_fcc | - | |
| siemens | simatic_reader_rf615r_etsi_firmware | * | |
| siemens | simatic_reader_rf615r_etsi | - | |
| siemens | simatic_reader_rf615r_cmiit_firmware | * | |
| siemens | simatic_reader_rf615r_cmiit | - | |
| siemens | simatic_reader_rf610r_fcc_firmware | * | |
| siemens | simatic_reader_rf610r_fcc | - | |
| siemens | simatic_reader_rf610r_etsi_firmware | * | |
| siemens | simatic_reader_rf610r_etsi | - | |
| siemens | simatic_reader_rf610r_cmiit_firmware | * | |
| siemens | simatic_reader_rf610r_cmiit | - | |
| siemens | simatic_rf188ci_firmware | * | |
| siemens | simatic_rf188ci | - | |
| siemens | simatic_rf188c_firmware | * | |
| siemens | simatic_rf188c | - | |
| siemens | simatic_rf186ci_firmware | * | |
| siemens | simatic_rf186ci | - | |
| siemens | simatic_rf186c_firmware | * | |
| siemens | simatic_rf186c | - | |
| siemens | simatic_rf185c_firmware | * | |
| siemens | simatic_rf185c | - | |
| siemens | simatic_rf166c_firmware | * | |
| siemens | simatic_rf166c | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8930F2B-7C37-4059-85FC-0316B631C860",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC216594-D56B-454D-BD2C-50631B8C8F9C",
"versionEndExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8AD128-F6E2-45BD-9098-EC559D193194",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11F4F714-F802-4D13-A965-0A22B80DA9D0",
"versionEndExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA20BB5-024E-4389-A0FE-C218E15D31A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F61801B9-80FD-45EC-9A20-5C703CB8BE76",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "058EDB3A-31B8-482F-B825-B0A7E192356E",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC4D21-B225-4349-A8E8-68780CC465D1",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E84B475-1FB7-4BF1-880B-8DB5137BB941",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "970B3705-6172-4C00-B402-30A7F23C5A08",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D261FBC-1E4C-4016-AD0E-F234EE36F09A",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B465BD-D425-44C7-931C-E6DAABB79B67",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28C49CB8-179A-47B7-9B04-FC214382B643",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "896E8488-0AB0-4C39-9729-1E42F4C28419",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E525612D-8273-42FD-8DAD-D589ED61C9D6",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "130361E8-6979-492F-89A3-4EFFF8F5379F",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC98A393-C374-4411-94FE-9832CD8690ED",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5DA457-347E-4B6B-8003-882BD4D95D64",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B07B2FDF-E6A5-4E06-9328-01F311E85AF9",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84F1472B-A584-4712-BEF7-7B4BDE166CE2",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7DB4915-E989-4085-B201-C5CCC86AB924",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B280EE0D-F3F9-46E3-949F-109844428C35",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E86AC831-9FB9-4D17-AA06-E68C176F1A23",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A27B28F-A037-4730-A0DD-96BB568F4A58",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D48EE1B0-3010-44F2-AEF9-A3E35BD03971",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected application contains a hidden configuration item to enable debug functionality. This could allow an attacker to gain insight into the internal configuration of the deployment."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC RF1140R (6GT2831-6CB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF1170R (6GT2831-6BB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF166C (6GT2002-0EE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF185C (6GT2002-0JE10) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186C (6GT2002-0JE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186CI (6GT2002-0JE50) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188C (6GT2002-0JE40) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188CI (6GT2002-0JE60) (Todas las versiones \u0026lt; V2.2), SIMATIC RF360R (6GT2801-5BA30) (Todas las versiones \u0026lt; V2.2). La aplicaci\u00f3n afectada contiene un elemento de configuraci\u00f3n oculto para habilitar la funcionalidad de depuraci\u00f3n. Esto podr\u00eda permitir que un atacante obtenga informaci\u00f3n sobre la configuraci\u00f3n interna de la implementaci\u00f3n."
}
],
"id": "CVE-2024-37994",
"lastModified": "2024-09-18T15:35:17.403",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"automatable": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityRequirements": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"subsequentSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"vulnerableSystemAvailability": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW"
},
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
},
"published": "2024-09-10T10:15:11.340",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-912"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-10 10:15
Modified
2024-09-18 15:29
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The service log files of the affected application can be accessed without proper authentication. This could allow an unauthenticated attacker to get access to sensitive information.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-765405.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_rf360r_firmware | * | |
| siemens | simatic_rf360r | - | |
| siemens | simatic_rf1170r_firmware | * | |
| siemens | simatic_rf1170r | - | |
| siemens | simatic_rf1140r_firmware | * | |
| siemens | simatic_rf1140r | - | |
| siemens | simatic_reader_rf685r_fcc_firmware | * | |
| siemens | simatic_reader_rf685r_fcc | - | |
| siemens | simatic_reader_rf685r_etsi_firmware | * | |
| siemens | simatic_reader_rf685r_etsi | - | |
| siemens | simatic_reader_rf685r_cmiit_firmware | * | |
| siemens | simatic_reader_rf685r_cmiit | - | |
| siemens | simatic_reader_rf685r_arib_firmware | * | |
| siemens | simatic_reader_rf685r_arib | - | |
| siemens | simatic_reader_rf680r_fcc_firmware | * | |
| siemens | simatic_reader_rf680r_fcc | - | |
| siemens | simatic_reader_rf680r_etsi_firmware | * | |
| siemens | simatic_reader_rf680r_etsi | - | |
| siemens | simatic_reader_rf680r_cmiit_firmware | * | |
| siemens | simatic_reader_rf680r_cmiit | - | |
| siemens | simatic_reader_rf680r_arib_firmware | * | |
| siemens | simatic_reader_rf680r_arib | - | |
| siemens | simatic_reader_rf650r_fcc_firmware | * | |
| siemens | simatic_reader_rf650r_fcc | - | |
| siemens | simatic_reader_rf650r_etsi_firmware | * | |
| siemens | simatic_reader_rf650r_etsi | - | |
| siemens | simatic_reader_rf650r_cmiit_firmware | * | |
| siemens | simatic_reader_rf650r_cmiit | - | |
| siemens | simatic_reader_rf650r_arib_firmware | * | |
| siemens | simatic_reader_rf650r_arib | - | |
| siemens | simatic_reader_rf615r_fcc_firmware | * | |
| siemens | simatic_reader_rf615r_fcc | - | |
| siemens | simatic_reader_rf615r_etsi_firmware | * | |
| siemens | simatic_reader_rf615r_etsi | - | |
| siemens | simatic_reader_rf615r_cmiit_firmware | * | |
| siemens | simatic_reader_rf615r_cmiit | - | |
| siemens | simatic_reader_rf610r_fcc_firmware | * | |
| siemens | simatic_reader_rf610r_fcc | - | |
| siemens | simatic_reader_rf610r_etsi_firmware | * | |
| siemens | simatic_reader_rf610r_etsi | - | |
| siemens | simatic_reader_rf610r_cmiit_firmware | * | |
| siemens | simatic_reader_rf610r_cmiit | - | |
| siemens | simatic_rf188ci_firmware | * | |
| siemens | simatic_rf188ci | - | |
| siemens | simatic_rf188c_firmware | * | |
| siemens | simatic_rf188c | - | |
| siemens | simatic_rf186ci_firmware | * | |
| siemens | simatic_rf186ci | - | |
| siemens | simatic_rf186c_firmware | * | |
| siemens | simatic_rf186c | - | |
| siemens | simatic_rf185c_firmware | * | |
| siemens | simatic_rf185c | - | |
| siemens | simatic_rf166c_firmware | * | |
| siemens | simatic_rf166c | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8930F2B-7C37-4059-85FC-0316B631C860",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC216594-D56B-454D-BD2C-50631B8C8F9C",
"versionEndExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8AD128-F6E2-45BD-9098-EC559D193194",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11F4F714-F802-4D13-A965-0A22B80DA9D0",
"versionEndExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA20BB5-024E-4389-A0FE-C218E15D31A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F61801B9-80FD-45EC-9A20-5C703CB8BE76",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "058EDB3A-31B8-482F-B825-B0A7E192356E",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC4D21-B225-4349-A8E8-68780CC465D1",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E84B475-1FB7-4BF1-880B-8DB5137BB941",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "970B3705-6172-4C00-B402-30A7F23C5A08",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D261FBC-1E4C-4016-AD0E-F234EE36F09A",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B465BD-D425-44C7-931C-E6DAABB79B67",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28C49CB8-179A-47B7-9B04-FC214382B643",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "896E8488-0AB0-4C39-9729-1E42F4C28419",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E525612D-8273-42FD-8DAD-D589ED61C9D6",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "130361E8-6979-492F-89A3-4EFFF8F5379F",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC98A393-C374-4411-94FE-9832CD8690ED",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5DA457-347E-4B6B-8003-882BD4D95D64",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B07B2FDF-E6A5-4E06-9328-01F311E85AF9",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84F1472B-A584-4712-BEF7-7B4BDE166CE2",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7DB4915-E989-4085-B201-C5CCC86AB924",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B280EE0D-F3F9-46E3-949F-109844428C35",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E86AC831-9FB9-4D17-AA06-E68C176F1A23",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A27B28F-A037-4730-A0DD-96BB568F4A58",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D48EE1B0-3010-44F2-AEF9-A3E35BD03971",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The service log files of the affected application can be accessed without proper authentication. This could allow an unauthenticated attacker to get access to sensitive information."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC RF1140R (6GT2831-6CB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF1170R (6GT2831-6BB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF166C (6GT2002-0EE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF185C (6GT2002-0JE10) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186C (6GT2002-0JE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186CI (6GT2002-0JE50) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188C (6GT2002-0JE40) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188CI (6GT2002-0JE60) (Todas las versiones \u0026lt; V2.2), SIMATIC RF360R (6GT2801-5BA30) (Todas las versiones \u0026lt; V2.2). Se puede acceder a los archivos de registro de servicio de la aplicaci\u00f3n afectada sin la autenticaci\u00f3n adecuada. Esto podr\u00eda permitir que un atacante no autenticado obtenga acceso a informaci\u00f3n confidencial."
}
],
"id": "CVE-2024-37991",
"lastModified": "2024-09-18T15:29:44.390",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"automatable": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityRequirements": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"subsequentSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"vulnerableSystemAvailability": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "NONE"
},
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
},
"published": "2024-09-10T10:15:10.600",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-10 10:15
Modified
2024-09-18 15:37
Severity ?
2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected application improperly handles error while a faulty certificate upload leading to crashing of application. This vulnerability could allow an attacker to disclose sensitive information.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-765405.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_rf360r_firmware | * | |
| siemens | simatic_rf360r | - | |
| siemens | simatic_rf1170r_firmware | * | |
| siemens | simatic_rf1170r | - | |
| siemens | simatic_rf1140r_firmware | * | |
| siemens | simatic_rf1140r | - | |
| siemens | simatic_reader_rf685r_fcc_firmware | * | |
| siemens | simatic_reader_rf685r_fcc | - | |
| siemens | simatic_reader_rf685r_etsi_firmware | * | |
| siemens | simatic_reader_rf685r_etsi | - | |
| siemens | simatic_reader_rf685r_cmiit_firmware | * | |
| siemens | simatic_reader_rf685r_cmiit | - | |
| siemens | simatic_reader_rf685r_arib_firmware | * | |
| siemens | simatic_reader_rf685r_arib | - | |
| siemens | simatic_reader_rf680r_fcc_firmware | * | |
| siemens | simatic_reader_rf680r_fcc | - | |
| siemens | simatic_reader_rf680r_etsi_firmware | * | |
| siemens | simatic_reader_rf680r_etsi | - | |
| siemens | simatic_reader_rf680r_cmiit_firmware | * | |
| siemens | simatic_reader_rf680r_cmiit | - | |
| siemens | simatic_reader_rf680r_arib_firmware | * | |
| siemens | simatic_reader_rf680r_arib | - | |
| siemens | simatic_reader_rf650r_fcc_firmware | * | |
| siemens | simatic_reader_rf650r_fcc | - | |
| siemens | simatic_reader_rf650r_etsi_firmware | * | |
| siemens | simatic_reader_rf650r_etsi | - | |
| siemens | simatic_reader_rf650r_cmiit_firmware | * | |
| siemens | simatic_reader_rf650r_cmiit | - | |
| siemens | simatic_reader_rf650r_arib_firmware | * | |
| siemens | simatic_reader_rf650r_arib | - | |
| siemens | simatic_reader_rf615r_fcc_firmware | * | |
| siemens | simatic_reader_rf615r_fcc | - | |
| siemens | simatic_reader_rf615r_etsi_firmware | * | |
| siemens | simatic_reader_rf615r_etsi | - | |
| siemens | simatic_reader_rf615r_cmiit_firmware | * | |
| siemens | simatic_reader_rf615r_cmiit | - | |
| siemens | simatic_reader_rf610r_fcc_firmware | * | |
| siemens | simatic_reader_rf610r_fcc | - | |
| siemens | simatic_reader_rf610r_etsi_firmware | * | |
| siemens | simatic_reader_rf610r_etsi | - | |
| siemens | simatic_reader_rf610r_cmiit_firmware | * | |
| siemens | simatic_reader_rf610r_cmiit | - | |
| siemens | simatic_rf188ci_firmware | * | |
| siemens | simatic_rf188ci | - | |
| siemens | simatic_rf188c_firmware | * | |
| siemens | simatic_rf188c | - | |
| siemens | simatic_rf186ci_firmware | * | |
| siemens | simatic_rf186ci | - | |
| siemens | simatic_rf186c_firmware | * | |
| siemens | simatic_rf186c | - | |
| siemens | simatic_rf185c_firmware | * | |
| siemens | simatic_rf185c | - | |
| siemens | simatic_rf166c_firmware | * | |
| siemens | simatic_rf166c | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8930F2B-7C37-4059-85FC-0316B631C860",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC216594-D56B-454D-BD2C-50631B8C8F9C",
"versionEndExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8AD128-F6E2-45BD-9098-EC559D193194",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11F4F714-F802-4D13-A965-0A22B80DA9D0",
"versionEndExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA20BB5-024E-4389-A0FE-C218E15D31A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F61801B9-80FD-45EC-9A20-5C703CB8BE76",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "058EDB3A-31B8-482F-B825-B0A7E192356E",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC4D21-B225-4349-A8E8-68780CC465D1",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E84B475-1FB7-4BF1-880B-8DB5137BB941",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "970B3705-6172-4C00-B402-30A7F23C5A08",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D261FBC-1E4C-4016-AD0E-F234EE36F09A",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B465BD-D425-44C7-931C-E6DAABB79B67",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28C49CB8-179A-47B7-9B04-FC214382B643",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "896E8488-0AB0-4C39-9729-1E42F4C28419",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E525612D-8273-42FD-8DAD-D589ED61C9D6",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "130361E8-6979-492F-89A3-4EFFF8F5379F",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC98A393-C374-4411-94FE-9832CD8690ED",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5DA457-347E-4B6B-8003-882BD4D95D64",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B07B2FDF-E6A5-4E06-9328-01F311E85AF9",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84F1472B-A584-4712-BEF7-7B4BDE166CE2",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7DB4915-E989-4085-B201-C5CCC86AB924",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B280EE0D-F3F9-46E3-949F-109844428C35",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E86AC831-9FB9-4D17-AA06-E68C176F1A23",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A27B28F-A037-4730-A0DD-96BB568F4A58",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D48EE1B0-3010-44F2-AEF9-A3E35BD03971",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected application improperly handles error while a faulty certificate upload leading to crashing of application. This vulnerability could allow an attacker to disclose sensitive information."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC RF1140R (6GT2831-6CB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF1170R (6GT2831-6BB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF166C (6GT2002-0EE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF185C (6GT2002-0JE10) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186C (6GT2002-0JE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186CI (6GT2002-0JE50) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188C (6GT2002-0JE40) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188CI (6GT2002-0JE60) (Todas las versiones \u0026lt; V2.2), SIMATIC RF360R (6GT2801-5BA30) (Todas las versiones \u0026lt; V2.2). La aplicaci\u00f3n afectada maneja incorrectamente el error durante la carga de un certificado defectuoso, lo que provoca el bloqueo de la aplicaci\u00f3n. Esta vulnerabilidad podr\u00eda permitir a un atacante revelar informaci\u00f3n confidencial."
}
],
"id": "CVE-2024-37995",
"lastModified": "2024-09-18T15:37:15.130",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"automatable": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"baseScore": 2.1,
"baseSeverity": "LOW",
"confidentialityRequirements": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"subsequentSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"vulnerableSystemAvailability": "LOW",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE"
},
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
},
"published": "2024-09-10T10:15:11.570",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-703"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-10 10:15
Modified
2024-09-18 15:27
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications contain configuration files which can be modified. An attacker with privilege access can modify these files and enable features that are not released for this device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-765405.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_rf360r_firmware | * | |
| siemens | simatic_rf360r | - | |
| siemens | simatic_rf1170r_firmware | * | |
| siemens | simatic_rf1170r | - | |
| siemens | simatic_rf1140r_firmware | * | |
| siemens | simatic_rf1140r | - | |
| siemens | simatic_reader_rf685r_fcc_firmware | * | |
| siemens | simatic_reader_rf685r_fcc | - | |
| siemens | simatic_reader_rf685r_etsi_firmware | * | |
| siemens | simatic_reader_rf685r_etsi | - | |
| siemens | simatic_reader_rf685r_cmiit_firmware | * | |
| siemens | simatic_reader_rf685r_cmiit | - | |
| siemens | simatic_reader_rf685r_arib_firmware | * | |
| siemens | simatic_reader_rf685r_arib | - | |
| siemens | simatic_reader_rf680r_fcc_firmware | * | |
| siemens | simatic_reader_rf680r_fcc | - | |
| siemens | simatic_reader_rf680r_etsi_firmware | * | |
| siemens | simatic_reader_rf680r_etsi | - | |
| siemens | simatic_reader_rf680r_cmiit_firmware | * | |
| siemens | simatic_reader_rf680r_cmiit | - | |
| siemens | simatic_reader_rf680r_arib_firmware | * | |
| siemens | simatic_reader_rf680r_arib | - | |
| siemens | simatic_reader_rf650r_fcc_firmware | * | |
| siemens | simatic_reader_rf650r_fcc | - | |
| siemens | simatic_reader_rf650r_etsi_firmware | * | |
| siemens | simatic_reader_rf650r_etsi | - | |
| siemens | simatic_reader_rf650r_cmiit_firmware | * | |
| siemens | simatic_reader_rf650r_cmiit | - | |
| siemens | simatic_reader_rf650r_arib_firmware | * | |
| siemens | simatic_reader_rf650r_arib | - | |
| siemens | simatic_reader_rf615r_fcc_firmware | * | |
| siemens | simatic_reader_rf615r_fcc | - | |
| siemens | simatic_reader_rf615r_etsi_firmware | * | |
| siemens | simatic_reader_rf615r_etsi | - | |
| siemens | simatic_reader_rf615r_cmiit_firmware | * | |
| siemens | simatic_reader_rf615r_cmiit | - | |
| siemens | simatic_reader_rf610r_fcc_firmware | * | |
| siemens | simatic_reader_rf610r_fcc | - | |
| siemens | simatic_reader_rf610r_etsi_firmware | * | |
| siemens | simatic_reader_rf610r_etsi | - | |
| siemens | simatic_reader_rf610r_cmiit_firmware | * | |
| siemens | simatic_reader_rf610r_cmiit | - | |
| siemens | simatic_rf188ci_firmware | * | |
| siemens | simatic_rf188ci | - | |
| siemens | simatic_rf188c_firmware | * | |
| siemens | simatic_rf188c | - | |
| siemens | simatic_rf186ci_firmware | * | |
| siemens | simatic_rf186ci | - | |
| siemens | simatic_rf186c_firmware | * | |
| siemens | simatic_rf186c | - | |
| siemens | simatic_rf185c_firmware | * | |
| siemens | simatic_rf185c | - | |
| siemens | simatic_rf166c_firmware | * | |
| siemens | simatic_rf166c | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8930F2B-7C37-4059-85FC-0316B631C860",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC216594-D56B-454D-BD2C-50631B8C8F9C",
"versionEndExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8AD128-F6E2-45BD-9098-EC559D193194",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11F4F714-F802-4D13-A965-0A22B80DA9D0",
"versionEndExcluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA20BB5-024E-4389-A0FE-C218E15D31A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F61801B9-80FD-45EC-9A20-5C703CB8BE76",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "058EDB3A-31B8-482F-B825-B0A7E192356E",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC4D21-B225-4349-A8E8-68780CC465D1",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E84B475-1FB7-4BF1-880B-8DB5137BB941",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "970B3705-6172-4C00-B402-30A7F23C5A08",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D261FBC-1E4C-4016-AD0E-F234EE36F09A",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B465BD-D425-44C7-931C-E6DAABB79B67",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28C49CB8-179A-47B7-9B04-FC214382B643",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "896E8488-0AB0-4C39-9729-1E42F4C28419",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E525612D-8273-42FD-8DAD-D589ED61C9D6",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "130361E8-6979-492F-89A3-4EFFF8F5379F",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC98A393-C374-4411-94FE-9832CD8690ED",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5DA457-347E-4B6B-8003-882BD4D95D64",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B07B2FDF-E6A5-4E06-9328-01F311E85AF9",
"versionEndExcluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84F1472B-A584-4712-BEF7-7B4BDE166CE2",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7DB4915-E989-4085-B201-C5CCC86AB924",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B280EE0D-F3F9-46E3-949F-109844428C35",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E86AC831-9FB9-4D17-AA06-E68C176F1A23",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A27B28F-A037-4730-A0DD-96BB568F4A58",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D48EE1B0-3010-44F2-AEF9-A3E35BD03971",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected applications contain configuration files which can be modified. An attacker with privilege access can modify these files and enable features that are not released for this device."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC RF1140R (6GT2831-6CB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF1170R (6GT2831-6BB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF166C (6GT2002-0EE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF185C (6GT2002-0JE10) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186C (6GT2002-0JE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186CI (6GT2002-0JE50) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188C (6GT2002-0JE40) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188CI (6GT2002-0JE60) (Todas las versiones \u0026lt; V2.2), SIMATIC RF360R (6GT2801-5BA30) (Todas las versiones \u0026lt; V2.2). Las aplicaciones afectadas contienen archivos de configuraci\u00f3n que se pueden modificar. Un atacante con acceso privilegiado puede modificar estos archivos y habilitar funciones que no est\u00e1n disponibles para este dispositivo."
}
],
"id": "CVE-2024-37990",
"lastModified": "2024-09-18T15:27:53.563",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"automatable": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityRequirements": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"subsequentSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"vulnerableSystemAvailability": "HIGH",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "HIGH"
},
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
},
"published": "2024-09-10T10:15:10.227",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-912"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}