var-201901-0794
Vulnerability from variot
Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver's communication via unspecified vectors. Provided by Yokogawa Electric Corporation Vnet/IP For open communication drivers, disruption of service operation due to driver reception processing (DoS) Vulnerabilities (CWE-399) Exists. This vulnerability information is provided by developers for the purpose of disseminating to product users. JPCERT/CC To report to JPCERT/CC By developers and the United States ICS-CERT And adjusted.Service disruption when processing a large number of packets sent from a remote third party (DoS) State Vnet/IP The communication function of the open communication driver may stop. Yokogawa Vnet/IP Open Communication Driver is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. The following products are affected: Yokogawa CENTUM CS 3000 R3.05.00 through R3.09.5 Yokogawa CENTUM CS 3000 Entry Class R3.05.00 through R3.09.50 Yokogawa CENTUM VP R4.01.00 through R6.03.10 Yokogawa CENTUM VP Entry Class R4.01.00 through R6.03.10 Yokogawa Exaopc R3.10.00 through R3.75.00 Yokogawa PRM R2.06.00 through R3.31.00 Yokogawa ProSafethrough RS R1.02.00 through R4.02.00 Yokogawa FAST/TOOLS R9.02.00 through R10.02.00 Yokogawa B/M9000 VP R6.03.01 through R8.01.90. Yokogawa CENTUM CS 3000, etc. are all products of Japan's Yokogawa (Yokogawa) company. Yokogawa CENTUM CS 3000 is a large-scale production control system. Exaopc is an OPC data access server
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201901-0794",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "prosafe-rs",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r4.02.00"
},
{
"model": "centum vp entry class",
"scope": "gte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r4.01.00"
},
{
"model": "b\\/m9000 vp",
"scope": "gte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r6.03.01"
},
{
"model": "centum cs 3000",
"scope": "gte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r3.05.00"
},
{
"model": "prosafe-rs",
"scope": "gte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r1.02.00"
},
{
"model": "exaopc",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r3.75.00"
},
{
"model": "centum cs 3000 entry class",
"scope": "gte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r3.05.00"
},
{
"model": "exaopc",
"scope": "gte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r3.10.00"
},
{
"model": "centum vp entry class",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r6.03.10"
},
{
"model": "plant resource manager",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r3.31.00"
},
{
"model": "plant resource manager",
"scope": "gte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r2.06.00"
},
{
"model": "fast\\/tools",
"scope": "gte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r9.02.00"
},
{
"model": "centum vp",
"scope": "gte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r4.01.00"
},
{
"model": "centum cs 3000 entry class",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r3.09.50"
},
{
"model": "centum cs 3000",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r3.09.50"
},
{
"model": "b\\/m9000 vp",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r8.01.90"
},
{
"model": "centum vp",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r6.03.10"
},
{
"model": "fast\\/tools",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r10.02.00"
},
{
"model": "b/m9000 vp",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "(r6.03.01 from r8.01.90 )"
},
{
"model": "centum cs 3000",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "(r3.05.00 from r3.09.50 )"
},
{
"model": "centum cs 3000",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "small (r3.05.00 from r3.09.50 )"
},
{
"model": "centum vp",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "(r4.01.00 from r6.03.10 )"
},
{
"model": "centum vp",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "basic (r4.01.00 from r6.03.10 )"
},
{
"model": "centum vp",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "small (r4.01.00 from r6.03.10 )"
},
{
"model": "exaopc",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "(r3.10.00 from r3.75.00 )"
},
{
"model": "fast/tools",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "(r9.02.00 from r10.02.00 )"
},
{
"model": "prm",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "(r2.06.00 from r3.31.00 )"
},
{
"model": "prosafe-rs",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "(r1.02.00 from r4.02.00 )"
},
{
"model": "prosafe-rs r4.02.00",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "prosafe-rs r3.02.10",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "prosafe-rs r2.03.80",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "prosafe-rs r1.03.00",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "prosafe-rs r1.02.00",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "prm r3.31.00",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "prm r3.12.00",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "prm r3.11.20",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "prm r2.06.00",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "fast/tools r9.05-sp2",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "fast/tools r9.05",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "fast/tools r9.04",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "fast/tools r9.03",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "fast/tools r9.02.00",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "fast/tools r10.02.00",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "fast/tools r10.01",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "exaopc r3.75.00",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "exaopc r3.72.10",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "exaopc r3.72.03",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "exaopc r3.72.00",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "exaopc r3.71.02",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "exaopc r3.10.00",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp entry class r6.03.10",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp entry class r5.04.00",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp entry class r5.03.51",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp entry class r5.03.20",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp entry class r5.03.00",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp entry class r4.03.00",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp entry class r4.01.00",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp r6.03.10",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp r5.04.20",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp r5.04.00",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp r4.03.56",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp r4.03.00",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp r4.01.00",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum cs entry class r3.09.50",
"scope": "eq",
"trust": 0.3,
"vendor": "yokogawa",
"version": "3000"
},
{
"model": "centum cs entry class r3.05.00",
"scope": "eq",
"trust": 0.3,
"vendor": "yokogawa",
"version": "3000"
},
{
"model": "centum cs r3.09.50",
"scope": "eq",
"trust": 0.3,
"vendor": "yokogawa",
"version": "3000"
},
{
"model": "centum cs r3.09",
"scope": "eq",
"trust": 0.3,
"vendor": "yokogawa",
"version": "3000"
},
{
"model": "centum cs r3.08.70",
"scope": "eq",
"trust": 0.3,
"vendor": "yokogawa",
"version": "3000"
},
{
"model": "centum cs r3.08.50",
"scope": "eq",
"trust": 0.3,
"vendor": "yokogawa",
"version": "3000"
},
{
"model": "centum cs r3.08",
"scope": "eq",
"trust": 0.3,
"vendor": "yokogawa",
"version": "3000"
},
{
"model": "centum cs r3.07",
"scope": "eq",
"trust": 0.3,
"vendor": "yokogawa",
"version": "3000"
},
{
"model": "centum cs r3.06",
"scope": "eq",
"trust": 0.3,
"vendor": "yokogawa",
"version": "3000"
},
{
"model": "centum cs r3.05.00",
"scope": "eq",
"trust": 0.3,
"vendor": "yokogawa",
"version": "3000"
},
{
"model": "b/m9000 vp r8.01.90",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "b/m9000 vp r8.01.01",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "b/m9000 vp r7.03.04",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "b/m9000 vp r7.03.01",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "b/m9000 vp r6.03.01",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "prosafe-rs r4.03.00",
"scope": "ne",
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "prm r4.01.00",
"scope": "ne",
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "fast/tools r10.03.00",
"scope": "ne",
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "exaopc r3.76.00",
"scope": "ne",
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp entry class r6.04.00",
"scope": "ne",
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp r6.04.00",
"scope": "ne",
"trust": 0.3,
"vendor": "yokogawa",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "106442"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010809"
},
{
"db": "NVD",
"id": "CVE-2018-16196"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:yokogawa:centum_cs_3000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r3.09.50",
"versionStartIncluding": "r3.05.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:centum_cs_3000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000_entry_class:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r3.09.50",
"versionStartIncluding": "r3.05.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r6.03.10",
"versionStartIncluding": "r4.01.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_vp_entry_class:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r6.03.10",
"versionStartIncluding": "r4.01.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r3.75.00",
"versionStartIncluding": "r3.10.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:b\\/m9000_vp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r8.01.90",
"versionStartIncluding": "r6.03.01",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:fast\\/tools:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r10.02.00",
"versionStartIncluding": "r9.02.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:prosafe-rs:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r4.02.00",
"versionStartIncluding": "r1.02.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:plant_resource_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r3.31.00",
"versionStartIncluding": "r2.06.00",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-16196"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "106442"
}
],
"trust": 0.3
},
"cve": "CVE-2018-16196",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "JPCERT/CC",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2018-010809",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-126531",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "JPCERT/CC",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2018-010809",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-16196",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "JPCERT/CC",
"id": "JVNDB-2018-010809",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201901-077",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-126531",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126531"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010809"
},
{
"db": "NVD",
"id": "CVE-2018-16196"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-077"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver\u0027s communication via unspecified vectors. Provided by Yokogawa Electric Corporation Vnet/IP For open communication drivers, disruption of service operation due to driver reception processing (DoS) Vulnerabilities (CWE-399) Exists. This vulnerability information is provided by developers for the purpose of disseminating to product users. JPCERT/CC To report to JPCERT/CC By developers and the United States ICS-CERT And adjusted.Service disruption when processing a large number of packets sent from a remote third party (DoS) State Vnet/IP The communication function of the open communication driver may stop. Yokogawa Vnet/IP Open Communication Driver is prone to a denial-of-service vulnerability. \nAttackers can exploit this issue to cause denial-of-service conditions. \nThe following products are affected:\nYokogawa CENTUM CS 3000 R3.05.00 through R3.09.5\nYokogawa CENTUM CS 3000 Entry Class R3.05.00 through R3.09.50\nYokogawa CENTUM VP R4.01.00 through R6.03.10\nYokogawa CENTUM VP Entry Class R4.01.00 through R6.03.10\nYokogawa Exaopc R3.10.00 through R3.75.00\nYokogawa PRM R2.06.00 through R3.31.00\nYokogawa ProSafethrough RS R1.02.00 through R4.02.00\nYokogawa FAST/TOOLS R9.02.00 through R10.02.00\nYokogawa B/M9000 VP R6.03.01 through R8.01.90. Yokogawa CENTUM CS 3000, etc. are all products of Japan\u0027s Yokogawa (Yokogawa) company. Yokogawa CENTUM CS 3000 is a large-scale production control system. Exaopc is an OPC data access server",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-16196"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010809"
},
{
"db": "BID",
"id": "106442"
},
{
"db": "VULHUB",
"id": "VHN-126531"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-16196",
"trust": 2.8
},
{
"db": "JVN",
"id": "JVNVU93652047",
"trust": 2.5
},
{
"db": "BID",
"id": "106442",
"trust": 1.4
},
{
"db": "ICS CERT",
"id": "ICSA-19-003-02",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010809",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201901-077",
"trust": 0.7
},
{
"db": "SEEBUG",
"id": "SSVID-98824",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-126531",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126531"
},
{
"db": "BID",
"id": "106442"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010809"
},
{
"db": "NVD",
"id": "CVE-2018-16196"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-077"
}
]
},
"id": "VAR-201901-0794",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-126531"
}
],
"trust": 0.5455670125
},
"last_update_date": "2023-12-18T12:50:27.012000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "YSAR-18-0008: Vnet/IP\u30aa\u30fc\u30d7\u30f3\u901a\u4fe1\u30c9\u30e9\u30a4\u30d0\u306b\u30b5\u30fc\u30d3\u30b9\u904b\u7528\u59a8\u5bb3(DoS)\u306e\u8106\u5f31\u6027",
"trust": 0.8,
"url": "https://www.yokogawa.co.jp/library/resources/white-papers/yokogawa-security-advisory-report-list/"
},
{
"title": "Yokogawa Exaopc Enter the fix for the verification vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=89500"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010809"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-077"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.1
},
{
"problemtype": "CWE-399",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126531"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010809"
},
{
"db": "NVD",
"id": "CVE-2018-16196"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://web-material3.yokogawa.com/ysar-18-0008-e.pdf"
},
{
"trust": 1.7,
"url": "https://jvn.jp/vu/jvnvu93652047/index.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/106442"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-19-003-02"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16196"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu93652047/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16196"
},
{
"trust": 0.3,
"url": "https://www.yokogawa.com/in"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126531"
},
{
"db": "BID",
"id": "106442"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010809"
},
{
"db": "NVD",
"id": "CVE-2018-16196"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-077"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-126531"
},
{
"db": "BID",
"id": "106442"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010809"
},
{
"db": "NVD",
"id": "CVE-2018-16196"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-077"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-09T00:00:00",
"db": "VULHUB",
"id": "VHN-126531"
},
{
"date": "2019-12-21T00:00:00",
"db": "BID",
"id": "106442"
},
{
"date": "2018-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010809"
},
{
"date": "2019-01-09T23:29:04.560000",
"db": "NVD",
"id": "CVE-2018-16196"
},
{
"date": "2019-01-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-077"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-14T00:00:00",
"db": "VULHUB",
"id": "VHN-126531"
},
{
"date": "2019-12-21T00:00:00",
"db": "BID",
"id": "106442"
},
{
"date": "2019-08-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010809"
},
{
"date": "2019-02-14T14:59:40.957000",
"db": "NVD",
"id": "CVE-2018-16196"
},
{
"date": "2019-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-077"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "106442"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Yokogawa Electric Vnet/IP Service operation disruption to open communication drivers (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010809"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-077"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.