VAR-201903-0603
Vulnerability from variot - Updated: 2023-12-18 12:21Rockwell Automation RSLinx Enterprise Software (LogReceiver.exe) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 does not handle input correctly and results in a logic error if it calculates an incorrect value for the “Total Record Size” field. By sending a datagram to the service over Port 4444/UDP with the “Record Data Size” field modified to a specifically oversized value, the service will calculate an undersized value for the “Total Record Size” that will cause an out-of-bounds read access violation that leads to a service crash. The service can be recovered with a manual reboot. The patches and details pertaining to these vulnerabilities can be found at the following Rockwell Automation Security Advisory link (login is required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/537599. Rockwell Automation RSLinx Enterprise software (LogReceiver.exe) Contains an out-of-bounds vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. RSLinx Enterprise is a standard OPC server software that bridges the communication between RSView Server and PLC. RSLinx Enterprise is prone to a remote denial-of-service vulnerability because it fails to properly bounds-check user-supplied data. An attacker can exploit this issue to cause an affected application to crash, denying service to legitimate users. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed. The following versions are vulnerable: RSLinx Enterprise CPR9 RSLinx Enterprise CPR9-SR1 RSLinx Enterprise CPR9-SR2 RSLinx Enterprise CPR9-SR3 RSLinx Enterprise CPR9-SR4 RSLinx Enterprise CPR9-SR5 RSLinx Enterprise CPR9-SR5.1 RSLinx Enterprise CPR9-SR6. This software can establish communication links for Allen-Bradley (AB) programmable controllers, various Rockwell software, and AB application software. A buffer error vulnerability exists in Rockwell Automation RSLinx Enterprise due to improper bounds checking of user-submitted data. The following products and versions are affected: Rockwell Automation RSLinx Enterprise Version 5.10.00, Version 5.10.01, Version 5.20.00, Version 5.21.00, Version 5.30.00, Version 5.40.00, Version 5.50.00, Version 5.51.00 , version 5.60.00
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-0603",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "5.30.00"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "5.60.00"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "5.21.00"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "5.40.00"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "5.50.00"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "5.10.01"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "5.20.00"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "5.10.00"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "5.51.00"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr1"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr2"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr3"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr4"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr5"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr5.1"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr6"
},
{
"model": "software rslinx enterprise cpr9",
"scope": null,
"trust": 0.6,
"vendor": "rockwell",
"version": null
},
{
"model": "software rslinx enterprise cpr9-srx",
"scope": null,
"trust": 0.6,
"vendor": "rockwell",
"version": null
},
{
"model": "automation rslinx enterprise cpr9-sr6",
"scope": null,
"trust": 0.3,
"vendor": "rockwell",
"version": null
},
{
"model": "automation rslinx enterprise cpr9-sr5.1",
"scope": null,
"trust": 0.3,
"vendor": "rockwell",
"version": null
},
{
"model": "automation rslinx enterprise cpr9-sr5",
"scope": null,
"trust": 0.3,
"vendor": "rockwell",
"version": null
},
{
"model": "automation rslinx enterprise cpr9-sr4",
"scope": null,
"trust": 0.3,
"vendor": "rockwell",
"version": null
},
{
"model": "automation rslinx enterprise cpr9-sr3",
"scope": null,
"trust": 0.3,
"vendor": "rockwell",
"version": null
},
{
"model": "automation rslinx enterprise cpr9-sr2",
"scope": null,
"trust": 0.3,
"vendor": "rockwell",
"version": null
},
{
"model": "automation rslinx enterprise cpr9-sr1",
"scope": null,
"trust": 0.3,
"vendor": "rockwell",
"version": null
},
{
"model": "automation rslinx enterprise cpr9",
"scope": null,
"trust": 0.3,
"vendor": "rockwell",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rslinx",
"version": "5.10.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rslinx",
"version": "5.10.01"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rslinx",
"version": "5.20.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rslinx",
"version": "5.21.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rslinx",
"version": "5.30.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rslinx",
"version": "5.40.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rslinx",
"version": "5.50.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rslinx",
"version": "5.51.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rslinx",
"version": "5.60.00"
}
],
"sources": [
{
"db": "IVD",
"id": "01a2d15e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13664"
},
{
"db": "BID",
"id": "62880"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006841"
},
{
"db": "NVD",
"id": "CVE-2013-2807"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_enterprise:5.21.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_enterprise:5.40.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_enterprise:5.10.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_enterprise:5.10.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_enterprise:5.20.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_enterprise:5.51.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_enterprise:5.60.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_enterprise:5.30.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_enterprise:5.50.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2807"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Carsten Eiram of Risk Based Security.",
"sources": [
{
"db": "BID",
"id": "62880"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-256"
}
],
"trust": 0.9
},
"cve": "CVE-2013-2807",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-2807",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-13664",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "01a2d15e-2353-11e6-abef-000c29c66e3d",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-62809",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-2807",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-2807",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-13664",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201310-256",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "01a2d15e-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-62809",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "01a2d15e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13664"
},
{
"db": "VULHUB",
"id": "VHN-62809"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006841"
},
{
"db": "NVD",
"id": "CVE-2013-2807"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-256"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rockwell Automation RSLinx Enterprise Software (LogReceiver.exe) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 does not handle input correctly and results in a logic error if it calculates an incorrect value for the \u201cTotal Record Size\u201d field. By sending a datagram to the service over Port 4444/UDP with the \u201cRecord Data Size\u201d field modified to a specifically oversized value, the service will calculate an undersized value for the \u201cTotal Record Size\u201d that will cause an out-of-bounds read access violation that leads to a service crash. The service can be recovered with a manual reboot. The patches and details pertaining to these vulnerabilities can be found at the following Rockwell Automation Security Advisory link (login is required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/537599. Rockwell Automation RSLinx Enterprise software (LogReceiver.exe) Contains an out-of-bounds vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. RSLinx Enterprise is a standard OPC server software that bridges the communication between RSView Server and PLC. RSLinx Enterprise is prone to a remote denial-of-service vulnerability because it fails to properly bounds-check user-supplied data. \nAn attacker can exploit this issue to cause an affected application to crash, denying service to legitimate users. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed. \nThe following versions are vulnerable:\nRSLinx Enterprise CPR9\nRSLinx Enterprise CPR9-SR1\nRSLinx Enterprise CPR9-SR2\nRSLinx Enterprise CPR9-SR3\nRSLinx Enterprise CPR9-SR4\nRSLinx Enterprise CPR9-SR5\nRSLinx Enterprise CPR9-SR5.1\nRSLinx Enterprise CPR9-SR6. This software can establish communication links for Allen-Bradley (AB) programmable controllers, various Rockwell software, and AB application software. A buffer error vulnerability exists in Rockwell Automation RSLinx Enterprise due to improper bounds checking of user-submitted data. The following products and versions are affected: Rockwell Automation RSLinx Enterprise Version 5.10.00, Version 5.10.01, Version 5.20.00, Version 5.21.00, Version 5.30.00, Version 5.40.00, Version 5.50.00, Version 5.51.00 , version 5.60.00",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2807"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006841"
},
{
"db": "CNVD",
"id": "CNVD-2013-13664"
},
{
"db": "BID",
"id": "62880"
},
{
"db": "IVD",
"id": "01a2d15e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-62809"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-2807",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-13-095-02",
"trust": 2.5
},
{
"db": "BID",
"id": "62880",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201310-256",
"trust": 0.9
},
{
"db": "ICS CERT",
"id": "ICSA-13-095-02A",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-13664",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006841",
"trust": 0.8
},
{
"db": "IVD",
"id": "01A2D15E-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-62809",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "01a2d15e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13664"
},
{
"db": "VULHUB",
"id": "VHN-62809"
},
{
"db": "BID",
"id": "62880"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006841"
},
{
"db": "NVD",
"id": "CVE-2013-2807"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-256"
}
]
},
"id": "VAR-201903-0603",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "01a2d15e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13664"
},
{
"db": "VULHUB",
"id": "VHN-62809"
}
],
"trust": 1.7928571350000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "01a2d15e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13664"
}
]
},
"last_update_date": "2023-12-18T12:21:47.358000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.rockwellautomation.com/"
},
{
"title": "RSLinx Enterprise \u0027LogReceiver.exe\u0027 Patch for Override Remote Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/40148"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-13664"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006841"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-62809"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006841"
},
{
"db": "NVD",
"id": "CVE-2013-2807"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-13-095-02"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2807"
},
{
"trust": 0.9,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-13-095-02a"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2807"
},
{
"trust": 0.3,
"url": "http://www.rockwellautomation.com/rockwellsoftware/design/rslinx/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-13664"
},
{
"db": "VULHUB",
"id": "VHN-62809"
},
{
"db": "BID",
"id": "62880"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006841"
},
{
"db": "NVD",
"id": "CVE-2013-2807"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-256"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "01a2d15e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13664"
},
{
"db": "VULHUB",
"id": "VHN-62809"
},
{
"db": "BID",
"id": "62880"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006841"
},
{
"db": "NVD",
"id": "CVE-2013-2807"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-256"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-10-12T00:00:00",
"db": "IVD",
"id": "01a2d15e-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2013-10-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-13664"
},
{
"date": "2019-03-26T00:00:00",
"db": "VULHUB",
"id": "VHN-62809"
},
{
"date": "2013-10-07T00:00:00",
"db": "BID",
"id": "62880"
},
{
"date": "2019-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006841"
},
{
"date": "2019-03-26T17:29:00.310000",
"db": "NVD",
"id": "CVE-2013-2807"
},
{
"date": "2013-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201310-256"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-10-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-13664"
},
{
"date": "2020-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-62809"
},
{
"date": "2013-10-07T00:00:00",
"db": "BID",
"id": "62880"
},
{
"date": "2019-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006841"
},
{
"date": "2020-02-10T21:24:37.640000",
"db": "NVD",
"id": "CVE-2013-2807"
},
{
"date": "2020-05-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201310-256"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201310-256"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "RSLinx Enterprise \u0027LogReceiver.exe\u0027 Integer Overflow Remote Denial of Service Vulnerability",
"sources": [
{
"db": "IVD",
"id": "01a2d15e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13664"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "01a2d15e-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-256"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…