VAR-201903-0602
Vulnerability from variot - Updated: 2023-12-18 12:21Rockwell Automation RSLinx Enterprise Software (LogReceiver.exe) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 does not handle input correctly and results in a logic error if it calculates an incorrect value for the “End of Current Record” field. By sending a datagram to the service over Port 4444/UDP with the “Record Data Size” field modified to a specifically oversized value, the service will calculate an undersized value for the “Total Record Size.” Then the service will calculate an incorrect value for the “End of Current Record” field causing access violations that lead to a service crash. The service can be recovered with a manual reboot. The patches and details pertaining to these vulnerabilities can be found at the following Rockwell Automation security advisory link (login is required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/537599. Rockwell Automation RSLinx Enterprise software (LogReceiver.exe) Contains an integer overflow vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. RSLinx Enterprise is a standard OPC server software that bridges the communication between RSView Server and PLC. Crash and need to be restarted to get normal service. RSLinx Enterprise is prone to a remote denial-of-service vulnerability because it fails to properly bounds-check user-supplied data. An attacker can exploit this issue to cause an affected application to crash, denying service to legitimate users. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed. The following versions are vulnerable: RSLinx Enterprise CPR9 RSLinx Enterprise CPR9-SR1 RSLinx Enterprise CPR9-SR2 RSLinx Enterprise CPR9-SR3 RSLinx Enterprise CPR9-SR4 RSLinx Enterprise CPR9-SR5 RSLinx Enterprise CPR9-SR5.1 RSLinx Enterprise CPR9-SR6. This software can establish communication links for Allen-Bradley (AB) programmable controllers, various Rockwell software, and AB application software. The following products and versions are affected: Rockwell Automation RSLinx Enterprise Version 5.10.00, Version 5.10.01, Version 5.20.00, Version 5.21.00, Version 5.30.00, Version 5.40.00, Version 5.50.00, Version 5.51.00 , version 5.60.00
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-0602",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "5.30.00"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "5.60.00"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "5.21.00"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "5.40.00"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "5.50.00"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "5.10.01"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "5.20.00"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "5.10.00"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "5.51.00"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr1"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr2"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr3"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr4"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr5"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr5.1"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr6"
},
{
"model": "software rslinx enterprise cpr9",
"scope": null,
"trust": 0.6,
"vendor": "rockwell",
"version": null
},
{
"model": "software rslinx enterprise cpr9-srx",
"scope": null,
"trust": 0.6,
"vendor": "rockwell",
"version": null
},
{
"model": "automation rslinx enterprise cpr9-sr6",
"scope": null,
"trust": 0.3,
"vendor": "rockwell",
"version": null
},
{
"model": "automation rslinx enterprise cpr9-sr5.1",
"scope": null,
"trust": 0.3,
"vendor": "rockwell",
"version": null
},
{
"model": "automation rslinx enterprise cpr9-sr5",
"scope": null,
"trust": 0.3,
"vendor": "rockwell",
"version": null
},
{
"model": "automation rslinx enterprise cpr9-sr4",
"scope": null,
"trust": 0.3,
"vendor": "rockwell",
"version": null
},
{
"model": "automation rslinx enterprise cpr9-sr3",
"scope": null,
"trust": 0.3,
"vendor": "rockwell",
"version": null
},
{
"model": "automation rslinx enterprise cpr9-sr2",
"scope": null,
"trust": 0.3,
"vendor": "rockwell",
"version": null
},
{
"model": "automation rslinx enterprise cpr9-sr1",
"scope": null,
"trust": 0.3,
"vendor": "rockwell",
"version": null
},
{
"model": "automation rslinx enterprise cpr9",
"scope": null,
"trust": 0.3,
"vendor": "rockwell",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rslinx",
"version": "5.10.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rslinx",
"version": "5.10.01"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rslinx",
"version": "5.20.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rslinx",
"version": "5.21.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rslinx",
"version": "5.30.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rslinx",
"version": "5.40.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rslinx",
"version": "5.50.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rslinx",
"version": "5.51.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rslinx",
"version": "5.60.00"
}
],
"sources": [
{
"db": "IVD",
"id": "01ab868c-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13663"
},
{
"db": "BID",
"id": "62878"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006840"
},
{
"db": "NVD",
"id": "CVE-2013-2806"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_enterprise:5.30.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_enterprise:5.50.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_enterprise:5.60.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_enterprise:5.10.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_enterprise:5.10.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_enterprise:5.20.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_enterprise:5.21.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_enterprise:5.40.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_enterprise:5.51.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2806"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Carsten Eiram of Risk Based Security.",
"sources": [
{
"db": "BID",
"id": "62878"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-254"
}
],
"trust": 0.9
},
"cve": "CVE-2013-2806",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-2806",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-13663",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "01ab868c-2353-11e6-abef-000c29c66e3d",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-62808",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-2806",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-2806",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-13663",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201310-254",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "01ab868c-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-62808",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "01ab868c-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13663"
},
{
"db": "VULHUB",
"id": "VHN-62808"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006840"
},
{
"db": "NVD",
"id": "CVE-2013-2806"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-254"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rockwell Automation RSLinx Enterprise Software (LogReceiver.exe) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 does not handle input correctly and results in a logic error if it calculates an incorrect value for the \u201cEnd of Current Record\u201d field. By sending a datagram to the service over Port 4444/UDP with the \u201cRecord Data Size\u201d field modified to a specifically oversized value, the service will calculate an undersized value for the \u201cTotal Record Size.\u201d Then the service will calculate an incorrect value for the \u201cEnd of Current Record\u201d field causing access violations that lead to a service crash. The service can be recovered with a manual reboot. The patches and details pertaining to these vulnerabilities can be found at the following Rockwell Automation security advisory link (login is required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/537599. Rockwell Automation RSLinx Enterprise software (LogReceiver.exe) Contains an integer overflow vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. RSLinx Enterprise is a standard OPC server software that bridges the communication between RSView Server and PLC. Crash and need to be restarted to get normal service. RSLinx Enterprise is prone to a remote denial-of-service vulnerability because it fails to properly bounds-check user-supplied data. \nAn attacker can exploit this issue to cause an affected application to crash, denying service to legitimate users. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed. \nThe following versions are vulnerable:\nRSLinx Enterprise CPR9\nRSLinx Enterprise CPR9-SR1\nRSLinx Enterprise CPR9-SR2\nRSLinx Enterprise CPR9-SR3\nRSLinx Enterprise CPR9-SR4\nRSLinx Enterprise CPR9-SR5\nRSLinx Enterprise CPR9-SR5.1\nRSLinx Enterprise CPR9-SR6. This software can establish communication links for Allen-Bradley (AB) programmable controllers, various Rockwell software, and AB application software. The following products and versions are affected: Rockwell Automation RSLinx Enterprise Version 5.10.00, Version 5.10.01, Version 5.20.00, Version 5.21.00, Version 5.30.00, Version 5.40.00, Version 5.50.00, Version 5.51.00 , version 5.60.00",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2806"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006840"
},
{
"db": "CNVD",
"id": "CNVD-2013-13663"
},
{
"db": "BID",
"id": "62878"
},
{
"db": "IVD",
"id": "01ab868c-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-62808"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-2806",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-13-095-02",
"trust": 2.5
},
{
"db": "BID",
"id": "62878",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201310-254",
"trust": 0.9
},
{
"db": "ICS CERT",
"id": "ICSA-13-095-02A",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-13663",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006840",
"trust": 0.8
},
{
"db": "IVD",
"id": "01AB868C-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-62808",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "01ab868c-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13663"
},
{
"db": "VULHUB",
"id": "VHN-62808"
},
{
"db": "BID",
"id": "62878"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006840"
},
{
"db": "NVD",
"id": "CVE-2013-2806"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-254"
}
]
},
"id": "VAR-201903-0602",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "01ab868c-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13663"
},
{
"db": "VULHUB",
"id": "VHN-62808"
}
],
"trust": 1.7928571350000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "01ab868c-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13663"
}
]
},
"last_update_date": "2023-12-18T12:21:44.108000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.rockwellautomation.com/"
},
{
"title": "RSLinx Enterprise \u0027LogReceiver.exe\u0027 Patch for Integer Overflow Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/40159"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-13663"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006840"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-190",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-62808"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006840"
},
{
"db": "NVD",
"id": "CVE-2013-2806"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-13-095-02"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2806"
},
{
"trust": 0.9,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-13-095-02a"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2806"
},
{
"trust": 0.3,
"url": "http://www.rockwellautomation.com/rockwellsoftware/design/rslinx/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-13663"
},
{
"db": "VULHUB",
"id": "VHN-62808"
},
{
"db": "BID",
"id": "62878"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006840"
},
{
"db": "NVD",
"id": "CVE-2013-2806"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-254"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "01ab868c-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13663"
},
{
"db": "VULHUB",
"id": "VHN-62808"
},
{
"db": "BID",
"id": "62878"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006840"
},
{
"db": "NVD",
"id": "CVE-2013-2806"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-254"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-10-12T00:00:00",
"db": "IVD",
"id": "01ab868c-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2013-10-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-13663"
},
{
"date": "2019-03-26T00:00:00",
"db": "VULHUB",
"id": "VHN-62808"
},
{
"date": "2013-10-07T00:00:00",
"db": "BID",
"id": "62878"
},
{
"date": "2019-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006840"
},
{
"date": "2019-03-26T17:29:00.247000",
"db": "NVD",
"id": "CVE-2013-2806"
},
{
"date": "2013-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201310-254"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-10-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-13663"
},
{
"date": "2020-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-62808"
},
{
"date": "2013-10-07T00:00:00",
"db": "BID",
"id": "62878"
},
{
"date": "2019-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006840"
},
{
"date": "2020-02-10T21:24:37.560000",
"db": "NVD",
"id": "CVE-2013-2806"
},
{
"date": "2020-05-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201310-254"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201310-254"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "RSLinx Enterprise \u0027LogReceiver.exe\u0027 Integer Overflow Denial of Service Vulnerability",
"sources": [
{
"db": "IVD",
"id": "01ab868c-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13663"
},
{
"db": "BID",
"id": "62878"
}
],
"trust": 1.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation error",
"sources": [
{
"db": "IVD",
"id": "01ab868c-2353-11e6-abef-000c29c66e3d"
},
{
"db": "BID",
"id": "62878"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-254"
}
],
"trust": 1.1
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…