VAR-201508-0391
Vulnerability from variot - Updated: 2023-12-18 11:00Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value. VxWorks is a real-time operating system widely used on ICS-related devices. Schneider Electric SAGE RTU is a series of industrial data communication equipment of French Schneider Electric (Schneider Electric). Wind River VxWorks is a set of embedded real-time operating systems (RTOS) developed by Wind River in the United States.
A security vulnerability exists in Wind River VxWorks used in previous versions of Schneider Electric SAGE RTU equipment J2. The following versions are affected: Wind River VxWorks before 5.5.1, 6.5.x, 6.6.x, 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, and 6.9 before 6.9.4.4. x version, 7.x version before 7 ipnet_coreip 1.2.2.0. An attacker can exploit this issue to gain access to sensitive information, to cause a denial-of-service condition and perform certain unauthorized actions; this may lead to further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201508-0391",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "vxworks",
"scope": "lte",
"trust": 1.0,
"vendor": "windriver",
"version": "6.6"
},
{
"model": "vxworks",
"scope": "gte",
"trust": 1.0,
"vendor": "windriver",
"version": "6.7"
},
{
"model": "vxworks",
"scope": "lt",
"trust": 1.0,
"vendor": "windriver",
"version": "6.8.3"
},
{
"model": "vxworks",
"scope": "lt",
"trust": 1.0,
"vendor": "windriver",
"version": "6.7.1.1"
},
{
"model": "vxworks",
"scope": "lt",
"trust": 1.0,
"vendor": "windriver",
"version": "6.9.4.4"
},
{
"model": "vxworks",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": "6.6.4"
},
{
"model": "vxworks",
"scope": "gte",
"trust": 1.0,
"vendor": "windriver",
"version": "6.5"
},
{
"model": "vxworks",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": "6.6.4.1"
},
{
"model": "vxworks",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": "6.6.3"
},
{
"model": "vxworks",
"scope": "gte",
"trust": 1.0,
"vendor": "windriver",
"version": "6.9"
},
{
"model": "vxworks",
"scope": "gte",
"trust": 1.0,
"vendor": "windriver",
"version": "6.8"
},
{
"model": "vxworks",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": "7.0"
},
{
"model": "vxworks",
"scope": "eq",
"trust": 0.9,
"vendor": "windriver",
"version": "6.9"
},
{
"model": "vxworks",
"scope": "eq",
"trust": 0.9,
"vendor": "windriver",
"version": "6.8"
},
{
"model": "vxworks",
"scope": "eq",
"trust": 0.9,
"vendor": "windriver",
"version": "6.7"
},
{
"model": "vxworks",
"scope": "eq",
"trust": 0.9,
"vendor": "windriver",
"version": "6.6"
},
{
"model": "sage 1230 rtu",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "vxworks",
"scope": "lt",
"trust": 0.8,
"vendor": "wind river",
"version": "6.7.x"
},
{
"model": "sage 1350 rtu",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "sage 1410 rtu",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "sage 1330 rtu",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "sage 1310 rtu",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "vxworks",
"scope": "eq",
"trust": 0.8,
"vendor": "wind river",
"version": "6.9.4.4"
},
{
"model": "vxworks",
"scope": "lt",
"trust": 0.8,
"vendor": "wind river",
"version": "7.x"
},
{
"model": "sage 2400 rtu",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "vxworks",
"scope": "lt",
"trust": 0.8,
"vendor": "wind river",
"version": "6.9.x"
},
{
"model": "sage 1250 rtu",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "vxworks",
"scope": "eq",
"trust": 0.8,
"vendor": "wind river",
"version": "7 ipnet_coreip 1.2.2.0"
},
{
"model": "sage 1210 rtu",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "vxworks",
"scope": "eq",
"trust": 0.8,
"vendor": "wind river",
"version": "6.5.x from 6.7.1.1"
},
{
"model": "sage 3030 rtu",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "sage 1430 rtu",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "sage 2200 rtu",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "vxworks",
"scope": "lt",
"trust": 0.8,
"vendor": "wind river",
"version": "6.8.x"
},
{
"model": "sage 1450 rtu",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "sage 3030 magnum rtu",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "vxworks",
"scope": "eq",
"trust": 0.8,
"vendor": "wind river",
"version": "6.8.3"
},
{
"model": "river systems vxworks",
"scope": "eq",
"trust": 0.6,
"vendor": "wind",
"version": "6.x"
},
{
"model": "river systems vxworks",
"scope": "eq",
"trust": 0.6,
"vendor": "wind",
"version": "7.x"
},
{
"model": "vxworks",
"scope": "eq",
"trust": 0.6,
"vendor": "windriver",
"version": "6.9.4"
},
{
"model": "vxworks",
"scope": "eq",
"trust": 0.6,
"vendor": "windriver",
"version": "5.5"
},
{
"model": "vxworks",
"scope": "eq",
"trust": 0.6,
"vendor": "windriver",
"version": "6.5"
},
{
"model": "vxworks",
"scope": "eq",
"trust": 0.6,
"vendor": "windriver",
"version": "6.9.3"
},
{
"model": "phaser 3635mfp",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "0"
},
{
"model": "vxworks",
"scope": "eq",
"trust": 0.3,
"vendor": "windriver",
"version": "7"
},
{
"model": "sage rtu",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "30300"
},
{
"model": "sage magnum rtu",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "30300"
},
{
"model": "sage rtu",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "24000"
},
{
"model": "sage rtu",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "22000"
},
{
"model": "sage rtu",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "14500"
},
{
"model": "sage rtu",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "14300"
},
{
"model": "sage rtu",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "14100"
},
{
"model": "sage rtu",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "13500"
},
{
"model": "sage rtu",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "13300"
},
{
"model": "sage rtu",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "13100"
},
{
"model": "sage rtu",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "12500"
},
{
"model": "sage rtu",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "12300"
},
{
"model": "sage rtu",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "12100"
},
{
"model": "rtu500 series",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "11.3"
},
{
"model": "phaser 3635mfp",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "20.105.54.000"
},
{
"model": "vxworks",
"scope": "ne",
"trust": 0.3,
"vendor": "windriver",
"version": "6.8.3"
},
{
"model": "vxworks",
"scope": "ne",
"trust": 0.3,
"vendor": "windriver",
"version": "5.5.1"
},
{
"model": "vxworks",
"scope": "ne",
"trust": 0.3,
"vendor": "windriver",
"version": "6.9.4.4"
},
{
"model": "vxworks",
"scope": "ne",
"trust": 0.3,
"vendor": "windriver",
"version": "6.7.1.1"
},
{
"model": "vxworks",
"scope": "ne",
"trust": 0.3,
"vendor": "windriver",
"version": "6.4"
},
{
"model": "vxworks",
"scope": "ne",
"trust": 0.3,
"vendor": "windriver",
"version": "6.0"
},
{
"model": "sage magnum rtu c3414-500-s02j2",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "3030"
},
{
"model": "sage rtu c3414-500-s02j2",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "2400"
},
{
"model": "sage rtu c3414-500-s02j2",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "1450"
},
{
"model": "sage rtu c3414-500-s02j2",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "1430"
},
{
"model": "sage rtu c3414-500-s02j2",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "1410"
},
{
"model": "rtu500 series",
"scope": "ne",
"trust": 0.3,
"vendor": "abb",
"version": "11.4.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vxworks",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vxworks",
"version": "6.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vxworks",
"version": "6.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vxworks",
"version": "6.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vxworks",
"version": "6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vxworks",
"version": "6.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vxworks",
"version": "6.9.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vxworks",
"version": "6.9.4"
}
],
"sources": [
{
"db": "IVD",
"id": "80541190-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-03907"
},
{
"db": "BID",
"id": "75302"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004019"
},
{
"db": "NVD",
"id": "CVE-2015-3963"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-324"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.6",
"versionStartIncluding": "6.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:vxworks:6.6.3:*:*:*:cert:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:vxworks:6.6.4:*:*:*:cert:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:vxworks:6.6.4.1:*:*:*:cert:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.7.1.1",
"versionStartIncluding": "6.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.8.3",
"versionStartIncluding": "6.8",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.9.4.4",
"versionStartIncluding": "6.9",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:vxworks:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:sage_1210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:sage_1230:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:sage_1250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:sage_1310:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:sage_1330:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:sage_1350:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:sage_1410:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:sage_1430:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:sage_1450:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:sage_2200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:sage_2400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:sage_3030:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:sage_3030_magnum:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3963"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "David Formby, and San Shin Jung of Georgia Tech.,Raheem Beyah",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201507-324"
}
],
"trust": 0.6
},
"cve": "CVE-2015-3963",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-3963",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2015-03907",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "80541190-2351-11e6-abef-000c29c66e3d",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-81924",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-3963",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2015-03907",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201507-324",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "80541190-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-81924",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "80541190-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-03907"
},
{
"db": "VULHUB",
"id": "VHN-81924"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004019"
},
{
"db": "NVD",
"id": "CVE-2015-3963"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-324"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value. VxWorks is a real-time operating system widely used on ICS-related devices. Schneider Electric SAGE RTU is a series of industrial data communication equipment of French Schneider Electric (Schneider Electric). Wind River VxWorks is a set of embedded real-time operating systems (RTOS) developed by Wind River in the United States. \n\nA security vulnerability exists in Wind River VxWorks used in previous versions of Schneider Electric SAGE RTU equipment J2. The following versions are affected: Wind River VxWorks before 5.5.1, 6.5.x, 6.6.x, 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, and 6.9 before 6.9.4.4. x version, 7.x version before 7 ipnet_coreip 1.2.2.0. \nAn attacker can exploit this issue to gain access to sensitive information, to cause a denial-of-service condition and perform certain unauthorized actions; this may lead to further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3963"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004019"
},
{
"db": "CNVD",
"id": "CNVD-2015-03907"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-324"
},
{
"db": "BID",
"id": "75302"
},
{
"db": "IVD",
"id": "80541190-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-81924"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3963",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-15-169-01",
"trust": 3.4
},
{
"db": "BID",
"id": "75302",
"trust": 2.6
},
{
"db": "SCHNEIDER",
"id": "SEVD-2015-162-01",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1033181",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1032730",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-15-169-01A",
"trust": 1.7
},
{
"db": "CNVD",
"id": "CNVD-2015-03907",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201507-324",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004019",
"trust": 0.8
},
{
"db": "IVD",
"id": "80541190-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-81924",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "80541190-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-03907"
},
{
"db": "VULHUB",
"id": "VHN-81924"
},
{
"db": "BID",
"id": "75302"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004019"
},
{
"db": "NVD",
"id": "CVE-2015-3963"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-324"
}
]
},
"id": "VAR-201508-0391",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "80541190-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-03907"
},
{
"db": "VULHUB",
"id": "VHN-81924"
}
],
"trust": 1.30669191
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT",
"ICS"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "80541190-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-03907"
}
]
},
"last_update_date": "2023-12-18T11:00:45.492000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAGE RTU VxWorks TCP Predictability",
"trust": 0.8,
"url": "http://download.schneider-electric.com/files?p_reference=sevd-2015-162-01\u0026p_endoctype=brochure\u0026p_file_id=868067338\u0026p_file_name=sevd-2015-162-01.pdf"
},
{
"title": "SEVD-2015-162-01",
"trust": 0.8,
"url": "http://www.schneider-electric.com/ww/en/download/document/sevd-2015-162-01"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.windriver.com/"
},
{
"title": "Wind River VXWorks TCP predictable vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/59857"
},
{
"title": "Wind River VxWorks Repair measures for security bypass vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=157616"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03907"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004019"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-324"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-330",
"trust": 1.0
},
{
"problemtype": "CWE-20",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81924"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004019"
},
{
"db": "NVD",
"id": "CVE-2015-3963"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-169-01"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/75302"
},
{
"trust": 1.7,
"url": "http://www.schneider-electric.com/ww/en/download/document/sevd-2015-162-01"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20160324-0001/"
},
{
"trust": 1.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-169-01a"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1032730"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033181"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3963"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3963"
},
{
"trust": 0.3,
"url": "http://www.windriver.com/products/vxworks.html"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/1ddcb-5255ff0558bfd/cert_security_mini-_bulletin_xrx15aw_for_ph3635mfp_v1-0.pdf"
},
{
"trust": 0.3,
"url": "https://library.e.abb.com/public/03edbe8b0bed400a8b294347be5d66ab/abb_softwarevulnerabilityhandlingadvisory_abb-vu-pgga-1kgt090284.pdf"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03907"
},
{
"db": "VULHUB",
"id": "VHN-81924"
},
{
"db": "BID",
"id": "75302"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004019"
},
{
"db": "NVD",
"id": "CVE-2015-3963"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-324"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "80541190-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-03907"
},
{
"db": "VULHUB",
"id": "VHN-81924"
},
{
"db": "BID",
"id": "75302"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004019"
},
{
"db": "NVD",
"id": "CVE-2015-3963"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-324"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-24T00:00:00",
"db": "IVD",
"id": "80541190-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2015-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-03907"
},
{
"date": "2015-08-04T00:00:00",
"db": "VULHUB",
"id": "VHN-81924"
},
{
"date": "2015-06-18T00:00:00",
"db": "BID",
"id": "75302"
},
{
"date": "2015-08-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004019"
},
{
"date": "2015-08-04T01:59:07.357000",
"db": "NVD",
"id": "CVE-2015-3963"
},
{
"date": "2015-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201507-324"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-03907"
},
{
"date": "2017-11-10T00:00:00",
"db": "VULHUB",
"id": "VHN-81924"
},
{
"date": "2016-10-26T05:09:00",
"db": "BID",
"id": "75302"
},
{
"date": "2015-08-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004019"
},
{
"date": "2021-07-22T13:09:15.723000",
"db": "NVD",
"id": "CVE-2015-3963"
},
{
"date": "2021-07-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201507-324"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201507-324"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wind River VXWorks TCP Predictable vulnerability",
"sources": [
{
"db": "IVD",
"id": "80541190-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-03907"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201507-324"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…