Common Weakness Enumeration
CWE-1284
AllowedImproper Validation of Specified Quantity in Input
Abstraction: Base · Status: Incomplete
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.
494 vulnerabilities reference this CWE, most recent first.
CVE-2025-4365 (GCVE-0-2025-4365)
Vulnerability from cvelistv5 – Published: 2025-06-17 12:38 – Updated: 2025-06-17 13:49
VLAI
EPSS
VEX
Title
NetScaler Console and NetScaler SDX (SVM) - Arbitrary file read
Summary
Arbitrary file read in NetScaler Console and NetScaler SDX (SVM)
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1284 - Improper Validation of Specified Quantity in Input
Assigner
References
1 reference
Impacted products
Date Public
2025-06-17 12:36
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4365",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-17T13:44:12.219691Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T13:49:08.982Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Console",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "47.46",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "58.32",
"status": "affected",
"version": "13.1",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDX (SVM)",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "47.46",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "58.32",
"status": "affected",
"version": "13.1",
"versionType": "patch"
}
]
}
],
"datePublic": "2025-06-17T12:36:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cb\u003e\u003cspan style=\"background-color: transparent;\"\u003eArbitrary file read in\u0026nbsp;NetScaler Console and NetScaler SDX (SVM)\u003c/span\u003e\u003c/b\u003e\u003cbr\u003e"
}
],
"value": "Arbitrary file read in\u00a0NetScaler Console and NetScaler SDX (SVM)"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T12:47:26.718Z",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694729"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NetScaler Console and NetScaler SDX (SVM) - Arbitrary file read",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2025-4365",
"datePublished": "2025-06-17T12:38:10.318Z",
"dateReserved": "2025-05-05T17:29:52.331Z",
"dateUpdated": "2025-06-17T13:49:08.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3756 (GCVE-0-2025-3756)
Vulnerability from cvelistv5 – Published: 2026-04-13 17:11 – Updated: 2026-04-13 18:03
VLAI
EPSS
VEX
Title
Denial of Service Vulnerabilities in System 800xA, Symphony® Plus IEC 61850
Summary
A vulnerability exists in the command handling of the IEC 61850 communication stack included in the product revisions listed as affected in this CVE. An attacker with access to IEC 61850 networks could exploit the vulnera bility by using a specially crafted 61850 packet, forcing the communication interfaces of the PM 877, CI850 and CI868 modules into fault mode or causing unavailability of the S+ Operations 61850 connectivity, resulting in a denial-of-service situation.
The System 800xA IEC61850 Connect is not affected. Note: This vulnerability does not impact on the overall availability and functionality of the S+ Operations node, only the 61850 communication function.
This issue affects AC800M (System 800xA): from 6.0.0x through 6.0.0303.0, from 6.1.0x through 6.1.0031.0, from 6.1.1x through 6.1.1004.0, from 6.1.1x through 6.1.1202.0, from 6.2.0x through 6.2.0006.0; Symphony Plus SD Series: A_0, A_1, A_2.003, A_3.005, A_4.001, B_0.005; Symphony Plus MR (Melody Rack): from 3.10 through 3.52; S+ Operations: 2.1, 2.2, 2.3, 3.3.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1284 - Improper validation of specified quantity in input
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| ABB | AC800M (System 800xA) |
Affected:
6.0.0x , ≤ 6.0.0303.0
(custom)
Affected: 6.1.0x , ≤ 6.1.0031.0 (custom) Affected: 6.1.1x , ≤ 6.1.1004.0 (custom) Affected: 6.1.1x , ≤ 6.1.1202.0 (custom) Affected: 6.2.0x , ≤ 6.2.0006.0 (custom) |
|
| ABB | Symphony Plus SD Series |
Affected:
A_0
(custom)
Affected: A_1 (custom) Affected: A_2.003 (custom) Affected: A_3.005 (custom) Affected: A_4.001 (custom) Affected: B_0.005 (custom) |
|
| ABB | Symphony Plus MR (Melody Rack) |
Affected:
3.10 , ≤ 3.52
(custom)
|
|
| ABB | S+ Operations |
Affected:
2.1
(custom)
Affected: 2.2 (custom) Affected: 2.3 (custom) Affected: 3.3 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3756",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-13T18:02:41.810841Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T18:03:41.437Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"CI868"
],
"product": "AC800M (System 800xA)",
"vendor": "ABB",
"versions": [
{
"lessThanOrEqual": "6.0.0303.0",
"status": "affected",
"version": "6.0.0x",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.0031.0",
"status": "affected",
"version": "6.1.0x",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.1004.0",
"status": "affected",
"version": "6.1.1x",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.1202.0",
"status": "affected",
"version": "6.1.1x",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.2.0006.0",
"status": "affected",
"version": "6.2.0x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"CI850"
],
"product": "Symphony Plus SD Series",
"vendor": "ABB",
"versions": [
{
"status": "affected",
"version": "A_0",
"versionType": "custom"
},
{
"status": "affected",
"version": "A_1",
"versionType": "custom"
},
{
"status": "affected",
"version": "A_2.003",
"versionType": "custom"
},
{
"status": "affected",
"version": "A_3.005",
"versionType": "custom"
},
{
"status": "affected",
"version": "A_4.001",
"versionType": "custom"
},
{
"status": "affected",
"version": "B_0.005",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"PM 877"
],
"product": "Symphony Plus MR (Melody Rack)",
"vendor": "ABB",
"versions": [
{
"lessThanOrEqual": "3.52",
"status": "affected",
"version": "3.10",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "S+ Operations",
"vendor": "ABB",
"versions": [
{
"status": "affected",
"version": "2.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "2.2",
"versionType": "custom"
},
{
"status": "affected",
"version": "2.3",
"versionType": "custom"
},
{
"status": "affected",
"version": "3.3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ABB thanks Hitachi Energy for sharing the information affecting a commonly used software component."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003eA vulnerability exists in the command handling of the IEC 61850 communication stack included in the product revisions listed as affected in this CVE. An attacker with access to IEC 61850 networks could exploit the vulnera bility by using a specially crafted 61850 packet, forcing the communication interfaces of the PM 877, CI850 and CI868 modules into fault mode or causing unavailability of the S+ Operations 61850 connectivity, resulting in a denial-of-service situation.\u0026nbsp;\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eThe System 800xA IEC61850 Connect is not affected. Note: This vulnerability does not impact on the overall availability and functionality of the S+ Operations node, only the 61850 communication function.\u003c/div\u003e\u003cdiv\u003e\u0026nbsp; \u0026nbsp;\u003c/div\u003e\u003c/div\u003e\u003cp\u003eThis issue affects AC800M (System 800xA):\u0026nbsp;\u003cspan\u003efrom 6.0.0x through 6.0.0303.0, from 6.1.0x through 6.1.0031.0, from 6.1.1x through 6.1.1004.0, from 6.1.1x through 6.1.1202.0, from 6.2.0x through 6.2.0006.0; Symphony Plus SD Series: A_0, A_1, A_2.003, A_3.005, A_4.001, B_0.005; Symphony Plus MR (Melody Rack): from 3.10 through 3.52; S+ Operations: 2.1, 2.2, 2.3, 3.3.\u003c/span\u003e\u003c/p\u003e"
}
],
"value": "A vulnerability exists in the command handling of the IEC 61850 communication stack included in the product revisions listed as affected in this CVE. An attacker with access to IEC 61850 networks could exploit the vulnera bility by using a specially crafted 61850 packet, forcing the communication interfaces of the PM 877, CI850 and CI868 modules into fault mode or causing unavailability of the S+ Operations 61850 connectivity, resulting in a denial-of-service situation.\u00a0\n\n\n\n\nThe System 800xA IEC61850 Connect is not affected. Note: This vulnerability does not impact on the overall availability and functionality of the S+ Operations node, only the 61850 communication function.\n\n\u00a0 \u00a0\n\n\n\nThis issue affects AC800M (System 800xA):\u00a0from 6.0.0x through 6.0.0303.0, from 6.1.0x through 6.1.0031.0, from 6.1.1x through 6.1.1004.0, from 6.1.1x through 6.1.1202.0, from 6.2.0x through 6.2.0006.0; Symphony Plus SD Series: A_0, A_1, A_2.003, A_3.005, A_4.001, B_0.005; Symphony Plus MR (Melody Rack): from 3.10 through 3.52; S+ Operations: 2.1, 2.2, 2.3, 3.3."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper validation of specified quantity in input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T17:11:08.412Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA020125\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Denial of Service Vulnerabilities in System 800xA, Symphony\u00ae Plus IEC 61850",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2025-3756",
"datePublished": "2026-04-13T17:11:08.412Z",
"dateReserved": "2025-04-17T10:42:33.414Z",
"dateUpdated": "2026-04-13T18:03:41.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-3511 (GCVE-0-2025-3511)
Vulnerability from cvelistv5 – Published: 2025-04-25 05:14 – Updated: 2026-04-24 07:13
VLAI
EPSS
VEX
Summary
Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric Corporation CC-Link IE TSN Remote I/O module, CC-Link IE TSN Analog-Digital Converter module, CC-Link IE TSN Digital-Analog Converter module, CC-Link IE TSN FPGA module, CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY, MELSEC iQ-R Series CC-Link IE TSN Master/Local Module, MELSEC iQ-R Series Ethernet Interface Module, CC-Link IE TSN Master/Local Station Communication LSI CP610, MELSEC iQ-F Series FX5 CC-Link IE TSN Master/Local Module, MELSEC iQ-F Series FX5 Ethernet Module, and MELSEC iQ-F Series FX5-ENET/IP Ethernet Module allows a remote unauthenticated attacker to cause a Denial of Service condition in the products by sending specially crafted UDP packets.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1284 - Improper Validation of Specified Quantity in Input
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.mitsubishielectric.com/psirt/vulnerab… | vendor-advisory |
| https://jvn.jp/vu/JVNVU96620683/ | government-resource |
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
Impacted products
44 products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3511",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T17:46:29.102151Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T17:46:36.083Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2S1-32D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2S1-32T",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2S1-32TE",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2S1-32DT",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2S1-32DTE",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2B1-32D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2B1-32T",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2B1-32TE",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2B1-32DT",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2B1-32DTE",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GNCF1-32D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GNCF1-32T",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GNCE3-32D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GNCE3-32DT",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN12A4-16D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN12A4-16DE",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN12A2-16T",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN12A2-16TE",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN12A42-16DT",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN12A42-16DTE",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2S1-16D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2S1-16T",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2S1-16TE",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2B1-16D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2B1-16T",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2B1-16TE",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Analog-Digital Converter module NZ2GN2S-60AD4",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "07 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Analog-Digital Converter module NZ2GN2B-60AD4",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "07 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Digital-Analog Converter module NZ2GN2S-60DA4",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "07 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Digital-Analog Converter module NZ2GN2B-60DA4",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "07 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN FPGA module NZ2GN2S-D41P01",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "01"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN FPGA module NZ2GN2S-D41D01",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "01"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN FPGA module NZ2GN2S-D41PD02",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "01"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY NZ2GACP620-300",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.08J and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY NZ2GACP620-60",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.08J and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series CC-Link IE TSN Master/Local Module RJ71GN11-T2",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "26 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series CC-Link IE TSN Master/Local Module RJ71GN11-EIP",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "10 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series CC-Link IE TSN Master/Local Module RJ71GN11-SX",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "05 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series Ethernet Interface Module RJ71EN71",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "85 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Master/Local Station Communication LSI CP610 NZ2GACP610-60",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "05 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Master/Local Station Communication LSI CP610 NZ2KT-NPETNG51",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "05 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5 CC-Link IE TSN Master/Local Module FX5-CCLGN-MS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.020 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5 Ethernet Module FX5-ENET",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.200 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.106 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric Corporation CC-Link IE TSN Remote I/O module, CC-Link IE TSN Analog-Digital Converter module, CC-Link IE TSN Digital-Analog Converter module, CC-Link IE TSN FPGA module, CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY, MELSEC iQ-R Series CC-Link IE TSN Master/Local Module, MELSEC iQ-R Series Ethernet Interface Module, CC-Link IE TSN Master/Local Station Communication LSI CP610, MELSEC iQ-F Series FX5 CC-Link IE TSN Master/Local Module, MELSEC iQ-F Series FX5 Ethernet Module, and MELSEC iQ-F Series FX5-ENET/IP Ethernet Module allows a remote unauthenticated attacker to cause a Denial of Service condition in the products by sending specially crafted UDP packets."
}
],
"value": "Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric Corporation CC-Link IE TSN Remote I/O module, CC-Link IE TSN Analog-Digital Converter module, CC-Link IE TSN Digital-Analog Converter module, CC-Link IE TSN FPGA module, CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY, MELSEC iQ-R Series CC-Link IE TSN Master/Local Module, MELSEC iQ-R Series Ethernet Interface Module, CC-Link IE TSN Master/Local Station Communication LSI CP610, MELSEC iQ-F Series FX5 CC-Link IE TSN Master/Local Module, MELSEC iQ-F Series FX5 Ethernet Module, and MELSEC iQ-F Series FX5-ENET/IP Ethernet Module allows a remote unauthenticated attacker to cause a Denial of Service condition in the products by sending specially crafted UDP packets."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial-of-Service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T07:13:32.562Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-001_en.pdf"
},
{
"tags": [
"government-resource"
],
"url": "https://jvn.jp/vu/JVNVU96620683/"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-128-03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2025-3511",
"datePublished": "2025-04-25T05:14:43.758Z",
"dateReserved": "2025-04-11T04:10:12.030Z",
"dateUpdated": "2026-04-24T07:13:32.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-2826 (GCVE-0-2025-2826)
Vulnerability from cvelistv5 – Published: 2025-05-27 22:22 – Updated: 2025-05-28 13:34
VLAI
EPSS
VEX
Title
n affected platforms running Arista EOS, ACL policies may not be enforced. IPv4 ingress ACL, MAC ingress ACL, or IPv6 standard ingress ACL enabled on one or more ethernet or LAG interfaces may result in ACL policies not being enforced for ingress packets.
Summary
n affected platforms running Arista EOS, ACL policies may not be enforced. IPv4 ingress ACL, MAC ingress ACL, or IPv6 standard ingress ACL enabled on one or more ethernet or LAG interfaces may result in ACL policies not being enforced for ingress packets. This can cause incoming packets to incorrectly be allowed or denied. The two symptoms of this issue on the affected release and platform are:
* Packets which should be permitted may be dropped and,
* Packets which should be dropped may be permitted.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1284 - Improper Validation of Specified Quantity in Input
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Arista Networks | EOS |
Affected:
4.33.2F
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2826",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-28T13:33:59.901353Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-28T13:34:08.151Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"EOS"
],
"product": "EOS",
"vendor": "Arista Networks",
"versions": [
{
"status": "affected",
"version": "4.33.2F",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn order to be vulnerable to CVE-2025-2826, the following condition must be met: IPv4 ingress ACL, MAC ingress ACL, or IPv6 standard ingress ACL must be configured and active on more than one Ethernet interfaces or one or more LAG interfaces. The output of CLI show commands will look similar to the following:\u003c/p\u003e\u003cpre\u003eswitch\u0026gt; show ip access-lists summary\nPhone ACL bypass: disabled\nIPV4 ACL default-control-plane-acl [readonly]\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Total rules configured: 27\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Configured on Ingress: control-plane(default VRF)\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Active on \u0026nbsp; \u0026nbsp; Ingress: control-plane(default VRF)\n \n\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eIPV4 ACL ipv4ACL\u003c/span\u003e\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Total rules configured: 2\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Configured on Ingress: Et18/1\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eActive on \u0026nbsp; \u0026nbsp; Ingress:\u003c/span\u003e Et18/1\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eor\u003c/p\u003e\u003cpre\u003eswitch\u0026gt;show mac access-lists summary\n\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eMAC ACL macAcl\u003c/span\u003e\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Total rules configured: 2\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Configured on Ingress: Et18/1\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eActive on \u0026nbsp; \u0026nbsp; Ingress:\u003c/span\u003e Et18/1\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eor\u003c/p\u003e\u003cpre\u003eswitch\u0026gt;show ipv6 access-lists summary\nPhone ACL bypass: disabled\nIPV6 ACL default-control-plane-acl [readonly]\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Total rules configured: 27\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Configured on Ingress: control-plane(default VRF)\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Active on \u0026nbsp; \u0026nbsp; Ingress: control-plane(default VRF)\n \n\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eStandard IPV6 ACL ipv6StandardACL\u003c/span\u003e\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Total rules configured: 2\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Configured on Ingress: Et21/1\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eActive on \u0026nbsp; \u0026nbsp; Ingress:\u003c/span\u003e Et21/1\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eIf IPv4 Ingress ACL or MAC Ingress ACL or IPv6 standard Ingress ACL are not configured or are not active on any Ethernet interface or LAG interfaces there is no exposure to this issue and the CLI show command output have no active interfaces\u02dc listed, similar to the following:\u003c/p\u003e\u003cpre\u003eswitch\u0026gt; show ip access-lists summary\nPhone ACL bypass: disabled\nIPV4 ACL default-control-plane-acl [readonly]\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Total rules configured: 27\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Configured on Ingress: control-plane(default VRF)\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Active on \u0026nbsp; \u0026nbsp; Ingress: control-plane(default VRF)\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eor\u003c/p\u003e\u003cpre\u003eswitch\u0026gt;show mac access-lists summary\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eor\u003c/p\u003e\u003cpre\u003eswitch\u0026gt;show ipv6 access-lists summary\nPhone ACL bypass: disabled\nIPV6 ACL default-control-plane-acl [readonly]\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Total rules configured: 27\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Configured on Ingress: control-plane(default VRF)\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Active on \u0026nbsp; \u0026nbsp; Ingress: control-plane(default VRF)\n\u003c/pre\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "In order to be vulnerable to CVE-2025-2826, the following condition must be met: IPv4 ingress ACL, MAC ingress ACL, or IPv6 standard ingress ACL must be configured and active on more than one Ethernet interfaces or one or more LAG interfaces. The output of CLI show commands will look similar to the following:\n\nswitch\u003e show ip access-lists summary\nPhone ACL bypass: disabled\nIPV4 ACL default-control-plane-acl [readonly]\n\u00a0 \u00a0 \u00a0 \u00a0 Total rules configured: 27\n\u00a0 \u00a0 \u00a0 \u00a0 Configured on Ingress: control-plane(default VRF)\n\u00a0 \u00a0 \u00a0 \u00a0 Active on \u00a0 \u00a0 Ingress: control-plane(default VRF)\n \nIPV4 ACL ipv4ACL\n\u00a0 \u00a0 \u00a0 \u00a0 Total rules configured: 2\n\u00a0 \u00a0 \u00a0 \u00a0 Configured on Ingress: Et18/1\n\u00a0 \u00a0 \u00a0 \u00a0 Active on \u00a0 \u00a0 Ingress: Et18/1\n\n\n\u00a0\n\nor\n\nswitch\u003eshow mac access-lists summary\nMAC ACL macAcl\n\u00a0 \u00a0 \u00a0 \u00a0 Total rules configured: 2\n\u00a0 \u00a0 \u00a0 \u00a0 Configured on Ingress: Et18/1\n\u00a0 \u00a0 \u00a0 \u00a0 Active on \u00a0 \u00a0 Ingress: Et18/1\n\n\n\u00a0\n\nor\n\nswitch\u003eshow ipv6 access-lists summary\nPhone ACL bypass: disabled\nIPV6 ACL default-control-plane-acl [readonly]\n\u00a0 \u00a0 \u00a0 \u00a0 Total rules configured: 27\n\u00a0 \u00a0 \u00a0 \u00a0 Configured on Ingress: control-plane(default VRF)\n\u00a0 \u00a0 \u00a0 \u00a0 Active on \u00a0 \u00a0 Ingress: control-plane(default VRF)\n \nStandard IPV6 ACL ipv6StandardACL\n\u00a0 \u00a0 \u00a0 \u00a0 Total rules configured: 2\n\u00a0 \u00a0 \u00a0 \u00a0 Configured on Ingress: Et21/1\n\u00a0 \u00a0 \u00a0 \u00a0 Active on \u00a0 \u00a0 Ingress: Et21/1\n\n\n\u00a0\n\nIf IPv4 Ingress ACL or MAC Ingress ACL or IPv6 standard Ingress ACL are not configured or are not active on any Ethernet interface or LAG interfaces there is no exposure to this issue and the CLI show command output have no active interfaces\u02dc listed, similar to the following:\n\nswitch\u003e show ip access-lists summary\nPhone ACL bypass: disabled\nIPV4 ACL default-control-plane-acl [readonly]\n\u00a0 \u00a0 \u00a0 \u00a0 Total rules configured: 27\n\u00a0 \u00a0 \u00a0 \u00a0 Configured on Ingress: control-plane(default VRF)\n\u00a0 \u00a0 \u00a0 \u00a0 Active on \u00a0 \u00a0 Ingress: control-plane(default VRF)\n\n\n\u00a0\n\nor\n\nswitch\u003eshow mac access-lists summary\n\n\n\u00a0\n\nor\n\nswitch\u003eshow ipv6 access-lists summary\nPhone ACL bypass: disabled\nIPV6 ACL default-control-plane-acl [readonly]\n\u00a0 \u00a0 \u00a0 \u00a0 Total rules configured: 27\n\u00a0 \u00a0 \u00a0 \u00a0 Configured on Ingress: control-plane(default VRF)\n\u00a0 \u00a0 \u00a0 \u00a0 Active on \u00a0 \u00a0 Ingress: control-plane(default VRF)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003en affected platforms running Arista EOS, ACL policies may not be enforced. IPv4 ingress ACL, MAC ingress ACL, or IPv6 standard ingress ACL enabled on one or more ethernet or LAG interfaces may result in ACL policies not being enforced for ingress packets. This can cause incoming packets to incorrectly be allowed or denied. The two symptoms of this issue on the affected release and platform are:\u003c/p\u003e\u003col\u003e\u003cli\u003ePackets which should be permitted may be dropped and,\u003c/li\u003e\u003cli\u003ePackets which should be dropped may be permitted.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "n affected platforms running Arista EOS, ACL policies may not be enforced. IPv4 ingress ACL, MAC ingress ACL, or IPv6 standard ingress ACL enabled on one or more ethernet or LAG interfaces may result in ACL policies not being enforced for ingress packets. This can cause incoming packets to incorrectly be allowed or denied. The two symptoms of this issue on the affected release and platform are:\n\n * Packets which should be permitted may be dropped and,\n * Packets which should be dropped may be permitted."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-27T22:22:51.717Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/21414-security-advisory-0120"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades\"\u003eEOS User Manual: Upgrades and Downgrades\u003c/a\u003e\u003c/p\u003e\u003cp\u003eCVE-2025-2826 has been fixed in the following releases:\u003c/p\u003e\u003cul\u003e\u003cli\u003e4.33.2.1F, 4.33.3F and later releases in the 4.33.x train\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see EOS User Manual: Upgrades and Downgrades https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades \n\nCVE-2025-2826 has been fixed in the following releases:\n\n * 4.33.2.1F, 4.33.3F and later releases in the 4.33.x train"
}
],
"source": {
"advisory": "SA120",
"defect": [
"BUG 795398"
],
"discovery": "INTERNAL"
},
"title": "n affected platforms running Arista EOS, ACL policies may not be enforced. IPv4 ingress ACL, MAC ingress ACL, or IPv6 standard ingress ACL enabled on one or more ethernet or LAG interfaces may result in ACL policies not being enforced for ingress packets.",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo workaround is available. Ingress ACLs may be applied as egress, if resources permit and the policy is applicable.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "No workaround is available. Ingress ACLs may be applied as egress, if resources permit and the policy is applicable."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2025-2826",
"datePublished": "2025-05-27T22:22:51.717Z",
"dateReserved": "2025-03-26T16:02:22.894Z",
"dateUpdated": "2025-05-28T13:34:08.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2256 (GCVE-0-2025-2256)
Vulnerability from cvelistv5 – Published: 2025-09-12 06:06 – Updated: 2025-09-12 17:19
VLAI
EPSS
VEX
Title
Improper Validation of Specified Quantity in Input in GitLab
Summary
An issue has been discovered in GitLab CE/EE affecting all versions from 7.12 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed unauthorized users to render the GitLab instance unresponsive to legitimate users by sending multiple concurrent large SAML responses.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1284 - Improper Validation of Specified Quantity in Input
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://about.gitlab.com/releases/2025/09/10/patc… | |
| https://gitlab.com/gitlab-org/gitlab/-/issues/524633 | issue-trackingpermissions-required |
| https://hackerone.com/reports/3019485 | technical-descriptionexploitpermissions-required |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2256",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-12T17:19:23.671886Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-12T17:19:32.801Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "18.1.6",
"status": "affected",
"version": "7.12",
"versionType": "semver"
},
{
"lessThan": "18.2.6",
"status": "affected",
"version": "18.2",
"versionType": "semver"
},
{
"lessThan": "18.3.2",
"status": "affected",
"version": "18.3",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [yuki_osaki](https://hackerone.com/yuki_osaki) and [lambdasawa](https://hackerone.com/lambdasawa) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab CE/EE affecting all versions from 7.12 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed unauthorized users to render the GitLab instance unresponsive to legitimate users by sending multiple concurrent large SAML responses."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284: Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-12T06:06:04.796Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://about.gitlab.com/releases/2025/09/10/patch-release-gitlab-18-3-2-released/"
},
{
"name": "GitLab Issue #524633",
"tags": [
"issue-tracking",
"permissions-required"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/524633"
},
{
"name": "HackerOne Bug Bounty Report #3019485",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/3019485"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 18.1.6, 18.2.6, 18.3.2 or above."
}
],
"title": "Improper Validation of Specified Quantity in Input in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2025-2256",
"datePublished": "2025-09-12T06:06:04.796Z",
"dateReserved": "2025-03-12T15:05:04.877Z",
"dateUpdated": "2025-09-12T17:19:32.801Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0038 (GCVE-0-2025-0038)
Vulnerability from cvelistv5 – Published: 2025-10-06 16:08 – Updated: 2025-10-06 17:16
VLAI
EPSS
VEX
Summary
In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow access to isolated or protected memory spaces resulting in the loss of integrity and confidentiality.
Severity
6.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1284 - - Improper Validation of Specified Quantity in Input
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| AMD | Kria(TM) SOM |
Affected:
PMU Firmware version TBD
|
|
| AMD | Zynq UltraScale+ MPSoCs |
Affected:
PMU Firmware version TBD
|
|
| AMD | Zynq UltraScale+ RFSoCs |
Affected:
PMU Firmware version TBD
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0038",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-06T17:00:56.364010Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-06T17:16:22.921Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Kria(TM) SOM",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "PMU Firmware version TBD"
}
]
},
{
"defaultStatus": "affected",
"product": "Zynq UltraScale+ MPSoCs",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "PMU Firmware version TBD"
}
]
},
{
"defaultStatus": "affected",
"product": "Zynq UltraScale+ RFSoCs",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "PMU Firmware version TBD"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow access to isolated or protected memory spaces resulting in the loss of integrity and confidentiality.\u003cbr\u003e"
}
],
"value": "In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow access to isolated or protected memory spaces resulting in the loss of integrity and confidentiality."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 - Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-06T16:08:59.227Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8008.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2025-0038",
"datePublished": "2025-10-06T16:08:59.227Z",
"dateReserved": "2024-11-21T16:18:05.485Z",
"dateUpdated": "2025-10-06T17:16:22.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-53879 (GCVE-0-2024-53879)
Vulnerability from cvelistv5 – Published: 2025-02-25 20:41 – Updated: 2025-02-26 15:48
VLAI
EPSS
VEX
Summary
NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1284 - Improper Validation of Specified Quantity in Input
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | CUDA Toolkit |
Affected:
All versions up to CUDA Toolkit 12.8
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-53879",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T15:47:45.403250Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T15:48:16.867Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux"
],
"product": "CUDA Toolkit",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions up to CUDA Toolkit 12.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-25T20:41:11.826Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5594"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2024-53879",
"datePublished": "2025-02-25T20:41:11.826Z",
"dateReserved": "2024-11-22T23:19:03.329Z",
"dateUpdated": "2025-02-26T15:48:16.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-53878 (GCVE-0-2024-53878)
Vulnerability from cvelistv5 – Published: 2025-02-25 20:38 – Updated: 2025-02-25 20:56
VLAI
EPSS
VEX
Summary
NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1284 - Improper Validation of Specified Quantity in Input
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | CUDA Toolkit |
Affected:
All versions up to CUDA Toolkit 12.8
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-53878",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-25T20:55:39.683360Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-25T20:56:08.076Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux"
],
"product": "CUDA Toolkit",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions up to CUDA Toolkit 12.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-25T20:38:59.240Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5594"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2024-53878",
"datePublished": "2025-02-25T20:38:59.240Z",
"dateReserved": "2024-11-22T23:18:57.227Z",
"dateUpdated": "2025-02-25T20:56:08.076Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-52901 (GCVE-0-2024-52901)
Vulnerability from cvelistv5 – Published: 2024-12-12 16:06 – Updated: 2024-12-12 16:33
VLAI
EPSS
VEX
Title
IBM InfoSphere Information Server denial of service
Summary
IBM InfoSphere Information Server 11.7 could allow an authenticated user to GUI to not load or stop working due to improper input validation.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1284 - Improper Validation of Specified Quantity in Input
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7177700 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | InfoSphere Information Server |
Affected:
11.7
cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-52901",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-12T16:33:32.576999Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-12T16:33:42.317Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "InfoSphere Information Server",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "11.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIBM InfoSphere Information Server 11.7 could allow an authenticated user to GUI to not load or stop working due to improper input validation.\u003c/span\u003e"
}
],
"value": "IBM InfoSphere Information Server 11.7 could allow an authenticated user to GUI to not load or stop working due to improper input validation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-12T16:06:31.783Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/7177700"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM InfoSphere Information Server denial of service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-52901",
"datePublished": "2024-12-12T16:06:31.783Z",
"dateReserved": "2024-11-17T14:25:57.179Z",
"dateUpdated": "2024-12-12T16:33:42.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47257 (GCVE-0-2024-47257)
Vulnerability from cvelistv5 – Published: 2024-11-26 07:21 – Updated: 2024-11-29 05:33
VLAI
EPSS
VEX
Summary
Florent Thiéry has found that selected Axis devices were vulnerable to handling certain ethernet frames which could lead to the Axis device becoming unavailable in the network.
Axis has released patched AXIS OS versions for the highlighted flaw for products that are still under AXIS OS software support. Please refer to the Axis security advisory for more information and solution.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1284 - Improper Validation of Specified Quantity in Input
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Axis Communications AB | AXIS Q6128-E PTZ Network Camera |
Affected:
6.50
|
|
| Axis Communications AB | AXIS P1428-E Network Camera |
Affected:
6.50
|
|
| axis_communications_ab | axis_q6128-e_ptz_network_camera |
Affected:
6.50
cpe:2.3:a:axis_communications_ab:axis_q6128-e_ptz_network_camera:*:*:*:*:*:*:*:* |
|
| axis_communications_ab | axis_p1428-e_network_camera |
Affected:
6.50
cpe:2.3:a:axis_communications_ab:axis_p1428-e_network_camera:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:axis_communications_ab:axis_q6128-e_ptz_network_camera:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "axis_q6128-e_ptz_network_camera",
"vendor": "axis_communications_ab",
"versions": [
{
"status": "affected",
"version": "6.50"
}
]
},
{
"cpes": [
"cpe:2.3:a:axis_communications_ab:axis_p1428-e_network_camera:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "axis_p1428-e_network_camera",
"vendor": "axis_communications_ab",
"versions": [
{
"status": "affected",
"version": "6.50"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47257",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T14:49:53.871536Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T14:52:36.153Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "AXIS Q6128-E PTZ Network Camera",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "6.50"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "AXIS P1428-E Network Camera",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "6.50"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Florent Thi\u00e9ry has found that selected Axis devices were vulnerable to handling certain ethernet frames which could lead to the Axis device becoming unavailable in the network. \nAxis has released patched AXIS OS versions for the highlighted flaw for products that are still under AXIS OS software support. Please refer to the Axis security advisory for more information and solution.\n\n\u003cbr\u003e"
}
],
"value": "Florent Thi\u00e9ry has found that selected Axis devices were vulnerable to handling certain ethernet frames which could lead to the Axis device becoming unavailable in the network. \nAxis has released patched AXIS OS versions for the highlighted flaw for products that are still under AXIS OS software support. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284: Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T05:33:54.460Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/b7/76/b2/cve-2024-47257pdf-en-US-458044.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2024-47257",
"datePublished": "2024-11-26T07:21:41.556Z",
"dateReserved": "2024-09-23T16:37:50.255Z",
"dateUpdated": "2024-11-29T05:33:54.460Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation MIT-5
Implementation
Strategy: Input Validation
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
No CAPEC attack patterns related to this CWE.