gsd - gsd-2023-27321

gsd-2023-27321

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2023-27321

Aliases

CVE-2023-27321

JSON

To clipboard

{
   GSD: {
      alias: "CVE-2023-27321",
      id: "GSD-2023-27321",
   },
   gsd: {
      metadata: {
         exploitCode: "unknown",
         remediation: "unknown",
         reportConfidence: "confirmed",
         type: "vulnerability",
      },
      osvSchema: {
         aliases: [
            "CVE-2023-27321",
         ],
         id: "GSD-2023-27321",
         modified: "2023-12-13T01:20:56.048886Z",
         schema_version: "1.4.0",
      },
   },
   namespaces: {
      "cve.org": {
         CVE_data_meta: {
            ASSIGNER: "cve@mitre.org",
            ID: "CVE-2023-27321",
            STATE: "RESERVED",
         },
         data_format: "MITRE",
         data_type: "CVE",
         data_version: "4.0",
         description: {
            description_data: [
               {
                  lang: "eng",
                  value: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
               },
            ],
         },
      },
      "gitlab.com": {
         advisories: [
            {
               affected_range: "(,1.4.371.86)",
               affected_versions: "All versions before 1.4.371.86",
               cwe_ids: [
                  "CWE-1035",
                  "CWE-937",
               ],
               date: "2023-05-05",
               description: "This security update resolves a vulnerability in the OPC UA .NET Standard Reference Server that allows\nremote attackers to send malicious requests that consume all memory available to the server. https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-27321.pdf",
               fixed_versions: [
                  "1.4.371.86",
               ],
               identifier: "CVE-2023-27321",
               identifiers: [
                  "GHSA-vpf7-r2fv-75m9",
                  "CVE-2023-27321",
               ],
               not_impacted: "All versions starting from 1.4.371.86",
               package_slug: "nuget/OPCFoundation.NetStandard.Opc.Ua.Server",
               pubdate: "2023-05-05",
               solution: "Upgrade to version 1.4.371.86 or above.",
               title: "Uncontrolled Resource Consumption in OPC UA .NET Standard Reference Server",
               urls: [
                  "https://github.com/OPCFoundation/UA-.NETStandard/security/advisories/GHSA-vpf7-r2fv-75m9",
                  "https://github.com/advisories/GHSA-vpf7-r2fv-75m9",
               ],
               uuid: "9ec9bd54-f09f-4a82-a982-4363b7ba102a",
            },
         ],
      },
   },
}

cve-2023-27321

Vulnerability from cvelistv5

Published

2024-05-07 22:55

Modified

2024-08-02 12:09

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20505.

References

▼	URL	Tags
	https://www.zerodayinitiative.com/advisories/ZDI-23-548/	x_research-advisory
	https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-27321.pdf	vendor-advisory

Impacted products

	Vendor	Product	Version
	OPC Foundation	UA .NET Standard	Version: 1.4.371.60

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:opcfoundation:unified_architecture_.net-standard:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "unified_architecture_.net-standard",
                  vendor: "opcfoundation",
                  versions: [
                     {
                        status: "affected",
                        version: "1.4.371.60",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-27321",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-05-08T15:27:13.124910Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-04T17:24:44.157Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T12:09:43.438Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "ZDI-23-548",
                  tags: [
                     "x_research-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-23-548/",
               },
               {
                  name: "vendor-provided URL",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-27321.pdf",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unknown",
               product: "UA .NET Standard",
               vendor: "OPC Foundation",
               versions: [
                  {
                     status: "affected",
                     version: "1.4.371.60",
                  },
               ],
            },
         ],
         dateAssigned: "2023-02-28T12:05:53.841-06:00",
         datePublic: "2023-05-04T17:17:13.102-05:00",
         descriptions: [
            {
               lang: "en",
               value: "OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20505.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-400",
                     description: "CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-05-07T22:55:01.898Z",
            orgId: "99f1926a-a320-47d8-bbb5-42feb611262e",
            shortName: "zdi",
         },
         references: [
            {
               name: "ZDI-23-548",
               tags: [
                  "x_research-advisory",
               ],
               url: "https://www.zerodayinitiative.com/advisories/ZDI-23-548/",
            },
            {
               name: "vendor-provided URL",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-27321.pdf",
            },
         ],
         source: {
            lang: "en",
            value: "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov",
         },
         title: "OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability",
      },
   },
   cveMetadata: {
      assignerOrgId: "99f1926a-a320-47d8-bbb5-42feb611262e",
      assignerShortName: "zdi",
      cveId: "CVE-2023-27321",
      datePublished: "2024-05-07T22:55:01.898Z",
      dateReserved: "2023-02-28T17:58:45.477Z",
      dateUpdated: "2024-08-02T12:09:43.438Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted