Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
14 vulnerabilities by matrikonopc
VAR-201411-0414
Vulnerability from variot - Updated: 2023-12-18 13:48MatrikonOPC OPC Server for DNP3 1.2.3 and earlier allows remote attackers to cause a denial of service (unhandled exception and DNP3 process crash) via a crafted message. Supplementary information : CWE Vulnerability types by CWE-17: Code ( code ) Has been identified. MatrikonOPC DNP3 OPC Server is a remote SCADA communication OPC server product from MatrikonOPC of Canada. This product can be connected to multiple DNP3 compatible devices. MatrikonOPC Server for DNP3 is prone to a remote denial-of-service vulnerability because it fails to handle exceptional conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201411-0414",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dnp3 opc server",
"scope": "lte",
"trust": 1.0,
"vendor": "matrikonopc",
"version": "1.2.3"
},
{
"model": "opc server for dnp3",
"scope": "lte",
"trust": 0.8,
"vendor": "matrikonopc",
"version": "1.2.3"
},
{
"model": "dnp3 opc server",
"scope": "eq",
"trust": 0.6,
"vendor": "matrikonopc",
"version": "1.2.3.0"
},
{
"model": "dnp3 opc server",
"scope": "eq",
"trust": 0.6,
"vendor": "matrikonopc",
"version": "1.2.3"
},
{
"model": "opc server for dnp3",
"scope": "eq",
"trust": 0.3,
"vendor": "matrikonopc",
"version": "1.2"
},
{
"model": "opc server for dnp3",
"scope": "eq",
"trust": 0.3,
"vendor": "matrikonopc",
"version": "1.2.3.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dnp3 opc server",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "b4869384-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-08577"
},
{
"db": "BID",
"id": "71296"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005690"
},
{
"db": "NVD",
"id": "CVE-2014-5426"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-510"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:matrikonopc:dnp3_opc_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.2.3",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-5426"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adam Crain of Automatak and Chris Sistrunk",
"sources": [
{
"db": "BID",
"id": "71296"
}
],
"trust": 0.3
},
"cve": "CVE-2014-5426",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2014-5426",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2014-08577",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "b4869384-2351-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-5426",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2014-08577",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201411-510",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "b4869384-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "b4869384-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-08577"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005690"
},
{
"db": "NVD",
"id": "CVE-2014-5426"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-510"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MatrikonOPC OPC Server for DNP3 1.2.3 and earlier allows remote attackers to cause a denial of service (unhandled exception and DNP3 process crash) via a crafted message. Supplementary information : CWE Vulnerability types by CWE-17: Code ( code ) Has been identified. MatrikonOPC DNP3 OPC Server is a remote SCADA communication OPC server product from MatrikonOPC of Canada. This product can be connected to multiple DNP3 compatible devices. MatrikonOPC Server for DNP3 is prone to a remote denial-of-service vulnerability because it fails to handle exceptional conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-5426"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005690"
},
{
"db": "CNVD",
"id": "CNVD-2014-08577"
},
{
"db": "BID",
"id": "71296"
},
{
"db": "IVD",
"id": "b4869384-2351-11e6-abef-000c29c66e3d"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-5426",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-14-329-01",
"trust": 3.3
},
{
"db": "BID",
"id": "71296",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2014-08577",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201411-510",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005690",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "60234",
"trust": 0.6
},
{
"db": "IVD",
"id": "B4869384-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "b4869384-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-08577"
},
{
"db": "BID",
"id": "71296"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005690"
},
{
"db": "NVD",
"id": "CVE-2014-5426"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-510"
}
]
},
"id": "VAR-201411-0414",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "b4869384-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-08577"
}
],
"trust": 1.15
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "b4869384-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-08577"
}
]
},
"last_update_date": "2023-12-18T13:48:56.994000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SECURITY NOTIFICATION OPC Server for SCADA DNP3 SN 2014-10-14-01",
"trust": 0.8,
"url": "http://www.opcsupport.com/link/portal/4164/4590/article/3004/security-notification-opc-server-for-scada-dnp3-sn-2014-10-14-01"
},
{
"title": "Patch for MatrikonOPC DNP3 OPC Server Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/52270"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08577"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005690"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-17",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005690"
},
{
"db": "NVD",
"id": "CVE-2014-5426"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-329-01"
},
{
"trust": 1.6,
"url": "http://www.opcsupport.com/link/portal/4164/4590/article/3004/security-notification-opc-server-for-scada-dnp3-sn-2014-10-14-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5426"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-5426"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/71296"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/60234"
},
{
"trust": 0.3,
"url": "http://www.matrikonopc.com/"
},
{
"trust": 0.3,
"url": "http://opcsupport.com/link/portal/4164/4590/article/3004/security-notification-opc-server-for-scada-dnp3-sn-2014-10-14-01"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08577"
},
{
"db": "BID",
"id": "71296"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005690"
},
{
"db": "NVD",
"id": "CVE-2014-5426"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-510"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "b4869384-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-08577"
},
{
"db": "BID",
"id": "71296"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005690"
},
{
"db": "NVD",
"id": "CVE-2014-5426"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-510"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-11-28T00:00:00",
"db": "IVD",
"id": "b4869384-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-11-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-08577"
},
{
"date": "2014-10-22T00:00:00",
"db": "BID",
"id": "71296"
},
{
"date": "2014-12-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005690"
},
{
"date": "2014-11-27T15:59:00.083000",
"db": "NVD",
"id": "CVE-2014-5426"
},
{
"date": "2014-11-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-510"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-11-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-08577"
},
{
"date": "2014-10-22T00:00:00",
"db": "BID",
"id": "71296"
},
{
"date": "2014-12-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005690"
},
{
"date": "2014-11-28T15:13:24.783000",
"db": "NVD",
"id": "CVE-2014-5426"
},
{
"date": "2014-11-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-510"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201411-510"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MatrikonOPC DNP3 OPC Server Denial of service vulnerability",
"sources": [
{
"db": "IVD",
"id": "b4869384-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-08577"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-510"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "71296"
}
],
"trust": 0.3
}
}
VAR-201402-0089
Vulnerability from variot - Updated: 2023-12-18 13:14MatrikonOPC SCADA DNP3 OPC Server 1.2.2.0 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed DNP3 packet. MatrikonOPC is the world's largest OPC developer and supplier. Allows an attacker to exploit a vulnerability to launch a denial of service attack. Successful exploits may allow an attacker to cause denial-of-service conditions. DNP3 OPC Server versions prior to 1.2.2.0 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201402-0089",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scada dnp3 opc server",
"scope": "eq",
"trust": 1.6,
"vendor": "matrikonopc",
"version": "1.2.0"
},
{
"model": "scada dnp3 opc server",
"scope": "lte",
"trust": 1.0,
"vendor": "matrikonopc",
"version": "1.2.2.0"
},
{
"model": "opc server for dnp3",
"scope": "lte",
"trust": 0.8,
"vendor": "matrikonopc",
"version": "1.2.2.0"
},
{
"model": "dnp3 opc server",
"scope": "lt",
"trust": 0.6,
"vendor": "matrikonopc",
"version": "1.2.2.0"
},
{
"model": "scada dnp3 opc server",
"scope": "eq",
"trust": 0.6,
"vendor": "matrikonopc",
"version": "1.2.2.0"
},
{
"model": "dnp3 opc server",
"scope": "eq",
"trust": 0.3,
"vendor": "matrikonopc",
"version": "1.2"
},
{
"model": "dnp3 opc server",
"scope": "ne",
"trust": 0.3,
"vendor": "matrikonopc",
"version": "1.2.2.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01041"
},
{
"db": "BID",
"id": "65502"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006044"
},
{
"db": "NVD",
"id": "CVE-2013-2829"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-185"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:matrikonopc:scada_dnp3_opc_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.2.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:matrikonopc:scada_dnp3_opc_server:1.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2829"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adam Crain of Automatak and Chris Sistrunk",
"sources": [
{
"db": "BID",
"id": "65502"
}
],
"trust": 0.3
},
"cve": "CVE-2013-2829",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-2829",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-01041",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-2829",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2014-01041",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201402-185",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01041"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006044"
},
{
"db": "NVD",
"id": "CVE-2013-2829"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-185"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MatrikonOPC SCADA DNP3 OPC Server 1.2.2.0 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed DNP3 packet. MatrikonOPC is the world\u0027s largest OPC developer and supplier. Allows an attacker to exploit a vulnerability to launch a denial of service attack. \nSuccessful exploits may allow an attacker to cause denial-of-service conditions. \nDNP3 OPC Server versions prior to 1.2.2.0 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2829"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006044"
},
{
"db": "CNVD",
"id": "CNVD-2014-01041"
},
{
"db": "BID",
"id": "65502"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-2829",
"trust": 3.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-010-01",
"trust": 2.7
},
{
"db": "BID",
"id": "65502",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006044",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2014-01041",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "56883",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201402-185",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01041"
},
{
"db": "BID",
"id": "65502"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006044"
},
{
"db": "NVD",
"id": "CVE-2013-2829"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-185"
}
]
},
"id": "VAR-201402-0089",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.35
},
"last_update_date": "2023-12-18T13:14:53.063000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "DNP3 OPC Server",
"trust": 0.8,
"url": "http://www.matrikonopc.com/opc-drivers/opc-dnp3/base-driver-details.aspx"
},
{
"title": "Patch for MatrikonOPC DNP3 OPC Server Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/43705"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01041"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006044"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006044"
},
{
"db": "NVD",
"id": "CVE-2013-2829"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-010-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2829"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2829"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/65502"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/56883"
},
{
"trust": 0.3,
"url": "http://www.matrikonopc.com/"
},
{
"trust": 0.3,
"url": "http://www.opcsupport.com/ics/support/default.asp?deptid=4590"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01041"
},
{
"db": "BID",
"id": "65502"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006044"
},
{
"db": "NVD",
"id": "CVE-2013-2829"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-185"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-01041"
},
{
"db": "BID",
"id": "65502"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006044"
},
{
"db": "NVD",
"id": "CVE-2013-2829"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-185"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01041"
},
{
"date": "2014-02-11T00:00:00",
"db": "BID",
"id": "65502"
},
{
"date": "2014-02-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006044"
},
{
"date": "2014-02-14T13:10:47.467000",
"db": "NVD",
"id": "CVE-2013-2829"
},
{
"date": "2014-02-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-185"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01041"
},
{
"date": "2014-02-11T00:00:00",
"db": "BID",
"id": "65502"
},
{
"date": "2014-02-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006044"
},
{
"date": "2014-02-14T17:48:15.310000",
"db": "NVD",
"id": "CVE-2013-2829"
},
{
"date": "2014-02-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-185"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201402-185"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MatrikonOPC SCADA DNP3 OPC Server Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006044"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201402-185"
}
],
"trust": 0.6
}
}
VAR-201805-1129
Vulnerability from variot - Updated: 2023-12-18 12:50Honeywell MatrikonOPC OPC Controller before 5.1.0.0 allows local users to transfer arbitrary files from a host computer and consequently obtain sensitive information via vectors related to MSXML libraries. Honeywell MatrikonOPC OPC Controller Contains an information disclosure vulnerability.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. MatrikonOPC Explorer is a free tool for viewing data items contained in OPC servers and detecting OPC network communications. A file transfer vulnerability exists in MatrikonOPC Explorer that allows an attacker to transfer unauthorized files from the host system. MatrikonOPC Explorer is prone to local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-1129",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "matrikonopc explorer",
"scope": "lt",
"trust": 1.8,
"vendor": "honeywell",
"version": "5.1.0.0"
},
{
"model": "explorer",
"scope": "lte",
"trust": 0.6,
"vendor": "matrikonopc",
"version": "\u003c=5.0"
},
{
"model": "explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "matrikonopc",
"version": "5.0"
},
{
"model": "explorer",
"scope": "ne",
"trust": 0.3,
"vendor": "matrikonopc",
"version": "5.1.0.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "matrikonopc explorer",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2ef5f80-39ab-11e9-9c2f-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-09680"
},
{
"db": "BID",
"id": "104157"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005406"
},
{
"db": "NVD",
"id": "CVE-2018-8714"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:honeywell:matrikonopc_explorer:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.1.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-8714"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ilya Kapov of Positive Technologies",
"sources": [
{
"db": "BID",
"id": "104157"
}
],
"trust": 0.3
},
"cve": "CVE-2018-8714",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 3.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-8714",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-09680",
"impactScore": 7.8,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "e2ef5f80-39ab-11e9-9c2f-000c29342cb1",
"impactScore": 7.8,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 4.2,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-8714",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-8714",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-09680",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-510",
"trust": 0.6,
"value": "LOW"
},
{
"author": "IVD",
"id": "e2ef5f80-39ab-11e9-9c2f-000c29342cb1",
"trust": 0.2,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2ef5f80-39ab-11e9-9c2f-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-09680"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005406"
},
{
"db": "NVD",
"id": "CVE-2018-8714"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-510"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Honeywell MatrikonOPC OPC Controller before 5.1.0.0 allows local users to transfer arbitrary files from a host computer and consequently obtain sensitive information via vectors related to MSXML libraries. Honeywell MatrikonOPC OPC Controller Contains an information disclosure vulnerability.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. MatrikonOPC Explorer is a free tool for viewing data items contained in OPC servers and detecting OPC network communications. A file transfer vulnerability exists in MatrikonOPC Explorer that allows an attacker to transfer unauthorized files from the host system. MatrikonOPC Explorer is prone to local security-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-8714"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005406"
},
{
"db": "CNVD",
"id": "CNVD-2018-09680"
},
{
"db": "BID",
"id": "104157"
},
{
"db": "IVD",
"id": "e2ef5f80-39ab-11e9-9c2f-000c29342cb1"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-8714",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-18-130-01",
"trust": 3.3
},
{
"db": "BID",
"id": "104157",
"trust": 1.9
},
{
"db": "CNVD",
"id": "CNVD-2018-09680",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-510",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005406",
"trust": 0.8
},
{
"db": "IVD",
"id": "E2EF5F80-39AB-11E9-9C2F-000C29342CB1",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2ef5f80-39ab-11e9-9c2f-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-09680"
},
{
"db": "BID",
"id": "104157"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005406"
},
{
"db": "NVD",
"id": "CVE-2018-8714"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-510"
}
]
},
"id": "VAR-201805-1129",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2ef5f80-39ab-11e9-9c2f-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-09680"
}
],
"trust": 1.55
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2ef5f80-39ab-11e9-9c2f-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-09680"
}
]
},
"last_update_date": "2023-12-18T12:50:45.064000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SECURITY NOTIFICATION - OPC Explorer - SN 2017-04-27 01",
"trust": 0.8,
"url": "https://www.opcsupport.com/s/article/security-notification-opc-explorer-sn-2017-04-27-01"
},
{
"title": "Patch for MatrikonOPC Explorer File Transfer Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/129347"
},
{
"title": "Honeywell MatrikonOPC OPC Controller Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=83444"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09680"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005406"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-510"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005406"
},
{
"db": "NVD",
"id": "CVE-2018-8714"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-130-01"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/104157"
},
{
"trust": 1.6,
"url": "https://www.opcsupport.com/s/article/security-notification-opc-explorer-sn-2017-04-27-01"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-8714"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-8714"
},
{
"trust": 0.3,
"url": "http://www.matrikonopc.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09680"
},
{
"db": "BID",
"id": "104157"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005406"
},
{
"db": "NVD",
"id": "CVE-2018-8714"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-510"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2ef5f80-39ab-11e9-9c2f-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-09680"
},
{
"db": "BID",
"id": "104157"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005406"
},
{
"db": "NVD",
"id": "CVE-2018-8714"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-510"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-17T00:00:00",
"db": "IVD",
"id": "e2ef5f80-39ab-11e9-9c2f-000c29342cb1"
},
{
"date": "2018-05-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-09680"
},
{
"date": "2018-05-10T00:00:00",
"db": "BID",
"id": "104157"
},
{
"date": "2018-07-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005406"
},
{
"date": "2018-05-17T19:29:00.837000",
"db": "NVD",
"id": "CVE-2018-8714"
},
{
"date": "2018-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-510"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-09680"
},
{
"date": "2018-05-10T00:00:00",
"db": "BID",
"id": "104157"
},
{
"date": "2018-07-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005406"
},
{
"date": "2018-06-27T15:17:15.463000",
"db": "NVD",
"id": "CVE-2018-8714"
},
{
"date": "2018-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-510"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "104157"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-510"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MatrikonOPC Explorer File transfer vulnerability",
"sources": [
{
"db": "IVD",
"id": "e2ef5f80-39ab-11e9-9c2f-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-09680"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-510"
}
],
"trust": 0.6
}
}
VAR-201305-0093
Vulnerability from variot - Updated: 2023-12-18 12:45The configuration utility in MatrikonOPC Security Gateway 1.0 allows remote attackers to cause a denial of service (unhandled exception and application crash) via a TCP RST packet. MatrikonOPC is the world's largest OPC developer and supplier.
MatrikonOPC A and E Historian and Security Gateway handle a specially crafted reset message (RST). Multiple MatrikonOPC products are prone to a remote denial-of-service vulnerability. A vulnerability exists in the configuration utility in version 1.0 of MatrikonOPC Security Gateway
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201305-0093",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "security gateway",
"scope": "eq",
"trust": 2.7,
"vendor": "matrikonopc",
"version": "1.0"
},
{
"model": "matrikon a and e historian",
"scope": "eq",
"trust": 0.6,
"vendor": "matrikonopc",
"version": "1.0.0.0"
},
{
"model": "matrikon security gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "matrikonopc",
"version": "1.0"
},
{
"model": "a\u0026e historian",
"scope": "eq",
"trust": 0.3,
"vendor": "matrikonopc",
"version": "1.0.0.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04622"
},
{
"db": "BID",
"id": "59535"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002528"
},
{
"db": "NVD",
"id": "CVE-2013-0666"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-004"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:matrikonopc:matrikonopc_security_gateway:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0666"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dillon Beresford of Cimation",
"sources": [
{
"db": "BID",
"id": "59535"
}
],
"trust": 0.3
},
"cve": "CVE-2013-0666",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-0666",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-04622",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-60668",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-0666",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-04622",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201305-004",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-60668",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04622"
},
{
"db": "VULHUB",
"id": "VHN-60668"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002528"
},
{
"db": "NVD",
"id": "CVE-2013-0666"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-004"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The configuration utility in MatrikonOPC Security Gateway 1.0 allows remote attackers to cause a denial of service (unhandled exception and application crash) via a TCP RST packet. MatrikonOPC is the world\u0027s largest OPC developer and supplier. \n\nMatrikonOPC A and E Historian and Security Gateway handle a specially crafted reset message (RST). Multiple MatrikonOPC products are prone to a remote denial-of-service vulnerability. A vulnerability exists in the configuration utility in version 1.0 of MatrikonOPC Security Gateway",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0666"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002528"
},
{
"db": "CNVD",
"id": "CNVD-2013-04622"
},
{
"db": "BID",
"id": "59535"
},
{
"db": "VULHUB",
"id": "VHN-60668"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "ICS CERT",
"id": "ICSA-13-106-01",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2013-0666",
"trust": 3.4
},
{
"db": "BID",
"id": "59535",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002528",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201305-004",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2013-04622",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-60668",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04622"
},
{
"db": "VULHUB",
"id": "VHN-60668"
},
{
"db": "BID",
"id": "59535"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002528"
},
{
"db": "NVD",
"id": "CVE-2013-0666"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-004"
}
]
},
"id": "VAR-201305-0093",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-60668"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:45:32.972000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "OPC Security",
"trust": 0.8,
"url": "http://www.matrikonopc.com/products/opc-security/index.aspx"
},
{
"title": "Patch for Multiple MatrikonOPC Product Denial of Service Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/33742"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04622"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002528"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60668"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002528"
},
{
"db": "NVD",
"id": "CVE-2013-0666"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-13-106-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0666"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0666"
},
{
"trust": 0.3,
"url": "http://www.matrikonopc.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04622"
},
{
"db": "VULHUB",
"id": "VHN-60668"
},
{
"db": "BID",
"id": "59535"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002528"
},
{
"db": "NVD",
"id": "CVE-2013-0666"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-004"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-04622"
},
{
"db": "VULHUB",
"id": "VHN-60668"
},
{
"db": "BID",
"id": "59535"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002528"
},
{
"db": "NVD",
"id": "CVE-2013-0666"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-004"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-04622"
},
{
"date": "2013-05-01T00:00:00",
"db": "VULHUB",
"id": "VHN-60668"
},
{
"date": "2013-04-26T00:00:00",
"db": "BID",
"id": "59535"
},
{
"date": "2013-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002528"
},
{
"date": "2013-05-01T12:00:08.080000",
"db": "NVD",
"id": "CVE-2013-0666"
},
{
"date": "2013-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201305-004"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-04622"
},
{
"date": "2013-05-01T00:00:00",
"db": "VULHUB",
"id": "VHN-60668"
},
{
"date": "2013-04-26T00:00:00",
"db": "BID",
"id": "59535"
},
{
"date": "2013-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002528"
},
{
"date": "2013-05-01T12:00:08.080000",
"db": "NVD",
"id": "CVE-2013-0666"
},
{
"date": "2013-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201305-004"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201305-004"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MatrikonOPC Security Gateway Service operation in the configuration utility (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002528"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201305-004"
}
],
"trust": 0.6
}
}
CVE-2014-5426 (GCVE-0-2014-5426)
Vulnerability from nvd – Published: 2014-11-27 15:00 – Updated: 2024-08-06 11:41
VLAI
Summary
MatrikonOPC OPC Server for DNP3 1.2.3 and earlier allows remote attackers to cause a denial of service (unhandled exception and DNP3 process crash) via a crafted message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.opcsupport.com/link/portal/4164/4590/A… | x_refsource_CONFIRM |
| https://ics-cert.us-cert.gov/advisories/ICSA-14-329-01 | x_refsource_MISC |
Date Public
2014-11-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:41:49.228Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.opcsupport.com/link/portal/4164/4590/Article/3004/SECURITY-NOTIFICATION-OPC-Server-for-SCADA-DNP3-SN-2014-10-14-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-329-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "MatrikonOPC OPC Server for DNP3 1.2.3 and earlier allows remote attackers to cause a denial of service (unhandled exception and DNP3 process crash) via a crafted message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-27T15:57:00.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.opcsupport.com/link/portal/4164/4590/Article/3004/SECURITY-NOTIFICATION-OPC-Server-for-SCADA-DNP3-SN-2014-10-14-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-329-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-5426",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MatrikonOPC OPC Server for DNP3 1.2.3 and earlier allows remote attackers to cause a denial of service (unhandled exception and DNP3 process crash) via a crafted message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.opcsupport.com/link/portal/4164/4590/Article/3004/SECURITY-NOTIFICATION-OPC-Server-for-SCADA-DNP3-SN-2014-10-14-01",
"refsource": "CONFIRM",
"url": "http://www.opcsupport.com/link/portal/4164/4590/Article/3004/SECURITY-NOTIFICATION-OPC-Server-for-SCADA-DNP3-SN-2014-10-14-01"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-14-329-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-329-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2014-5426",
"datePublished": "2014-11-27T15:00:00.000Z",
"dateReserved": "2014-08-22T00:00:00.000Z",
"dateUpdated": "2024-08-06T11:41:49.228Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2829 (GCVE-0-2013-2829)
Vulnerability from nvd – Published: 2014-02-13 22:00 – Updated: 2024-08-06 15:52
VLAI
Summary
MatrikonOPC SCADA DNP3 OPC Server 1.2.2.0 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed DNP3 packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://ics-cert.us-cert.gov/advisories/ICSA-14-010-01 | x_refsource_MISC |
Date Public
2014-02-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:20.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-010-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "MatrikonOPC SCADA DNP3 OPC Server 1.2.2.0 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed DNP3 packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-02-13T22:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-010-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-2829",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MatrikonOPC SCADA DNP3 OPC Server 1.2.2.0 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed DNP3 packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-010-01",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-010-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-2829",
"datePublished": "2014-02-13T22:00:00.000Z",
"dateReserved": "2013-04-11T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:52:20.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2791 (GCVE-0-2013-2791)
Vulnerability from nvd – Published: 2013-09-09 10:00 – Updated: 2024-09-16 18:39
VLAI
Summary
MatrikonOPC SCADA DNP3 OPC Server 1.2.0 allows remote attackers to cause a denial of service (master-station daemon crash) via a malformed DNP3 TCP packet from the IP address of an outstation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://ics-cert.us-cert.gov/advisories/ICSA-13-213-04A | x_refsource_MISC |
| http://www.opcsupport.com/ics/support/KBAnswer.as… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:20.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-213-04A"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.opcsupport.com/ics/support/KBAnswer.asp?questionID=2890"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MatrikonOPC SCADA DNP3 OPC Server 1.2.0 allows remote attackers to cause a denial of service (master-station daemon crash) via a malformed DNP3 TCP packet from the IP address of an outstation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-09T10:00:00.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-213-04A"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.opcsupport.com/ics/support/KBAnswer.asp?questionID=2890"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-2791",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MatrikonOPC SCADA DNP3 OPC Server 1.2.0 allows remote attackers to cause a denial of service (master-station daemon crash) via a malformed DNP3 TCP packet from the IP address of an outstation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-213-04A",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-213-04A"
},
{
"name": "http://www.opcsupport.com/ics/support/KBAnswer.asp?questionID=2890",
"refsource": "CONFIRM",
"url": "http://www.opcsupport.com/ics/support/KBAnswer.asp?questionID=2890"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-2791",
"datePublished": "2013-09-09T10:00:00.000Z",
"dateReserved": "2013-04-11T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:39:43.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0673 (GCVE-0-2013-0673)
Vulnerability from nvd – Published: 2013-05-01 10:00 – Updated: 2024-09-16 19:41
VLAI
Summary
Directory traversal vulnerability in the web interface in the Health Monitor service in MatrikonOPC A&E Historian 1.0.0.0 allows remote attackers to read and delete arbitrary files via a crafted URL.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the web interface in the Health Monitor service in MatrikonOPC A\u0026E Historian 1.0.0.0 allows remote attackers to read and delete arbitrary files via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-05-01T10:00:00.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-0673",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the web interface in the Health Monitor service in MatrikonOPC A\u0026E Historian 1.0.0.0 allows remote attackers to read and delete arbitrary files via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-0673",
"datePublished": "2013-05-01T10:00:00.000Z",
"dateReserved": "2012-12-19T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:41:59.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0666 (GCVE-0-2013-0666)
Vulnerability from nvd – Published: 2013-05-01 10:00 – Updated: 2024-09-16 20:43
VLAI
Summary
The configuration utility in MatrikonOPC Security Gateway 1.0 allows remote attackers to cause a denial of service (unhandled exception and application crash) via a TCP RST packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.690Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The configuration utility in MatrikonOPC Security Gateway 1.0 allows remote attackers to cause a denial of service (unhandled exception and application crash) via a TCP RST packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-05-01T10:00:00.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-0666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The configuration utility in MatrikonOPC Security Gateway 1.0 allows remote attackers to cause a denial of service (unhandled exception and application crash) via a TCP RST packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-0666",
"datePublished": "2013-05-01T10:00:00.000Z",
"dateReserved": "2012-12-19T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:43:02.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-5426 (GCVE-0-2014-5426)
Vulnerability from cvelistv5 – Published: 2014-11-27 15:00 – Updated: 2024-08-06 11:41
VLAI
Summary
MatrikonOPC OPC Server for DNP3 1.2.3 and earlier allows remote attackers to cause a denial of service (unhandled exception and DNP3 process crash) via a crafted message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.opcsupport.com/link/portal/4164/4590/A… | x_refsource_CONFIRM |
| https://ics-cert.us-cert.gov/advisories/ICSA-14-329-01 | x_refsource_MISC |
Date Public
2014-11-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:41:49.228Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.opcsupport.com/link/portal/4164/4590/Article/3004/SECURITY-NOTIFICATION-OPC-Server-for-SCADA-DNP3-SN-2014-10-14-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-329-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "MatrikonOPC OPC Server for DNP3 1.2.3 and earlier allows remote attackers to cause a denial of service (unhandled exception and DNP3 process crash) via a crafted message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-27T15:57:00.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.opcsupport.com/link/portal/4164/4590/Article/3004/SECURITY-NOTIFICATION-OPC-Server-for-SCADA-DNP3-SN-2014-10-14-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-329-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-5426",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MatrikonOPC OPC Server for DNP3 1.2.3 and earlier allows remote attackers to cause a denial of service (unhandled exception and DNP3 process crash) via a crafted message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.opcsupport.com/link/portal/4164/4590/Article/3004/SECURITY-NOTIFICATION-OPC-Server-for-SCADA-DNP3-SN-2014-10-14-01",
"refsource": "CONFIRM",
"url": "http://www.opcsupport.com/link/portal/4164/4590/Article/3004/SECURITY-NOTIFICATION-OPC-Server-for-SCADA-DNP3-SN-2014-10-14-01"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-14-329-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-329-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2014-5426",
"datePublished": "2014-11-27T15:00:00.000Z",
"dateReserved": "2014-08-22T00:00:00.000Z",
"dateUpdated": "2024-08-06T11:41:49.228Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2829 (GCVE-0-2013-2829)
Vulnerability from cvelistv5 – Published: 2014-02-13 22:00 – Updated: 2024-08-06 15:52
VLAI
Summary
MatrikonOPC SCADA DNP3 OPC Server 1.2.2.0 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed DNP3 packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://ics-cert.us-cert.gov/advisories/ICSA-14-010-01 | x_refsource_MISC |
Date Public
2014-02-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:20.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-010-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "MatrikonOPC SCADA DNP3 OPC Server 1.2.2.0 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed DNP3 packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-02-13T22:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-010-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-2829",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MatrikonOPC SCADA DNP3 OPC Server 1.2.2.0 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed DNP3 packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-010-01",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-010-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-2829",
"datePublished": "2014-02-13T22:00:00.000Z",
"dateReserved": "2013-04-11T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:52:20.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2791 (GCVE-0-2013-2791)
Vulnerability from cvelistv5 – Published: 2013-09-09 10:00 – Updated: 2024-09-16 18:39
VLAI
Summary
MatrikonOPC SCADA DNP3 OPC Server 1.2.0 allows remote attackers to cause a denial of service (master-station daemon crash) via a malformed DNP3 TCP packet from the IP address of an outstation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://ics-cert.us-cert.gov/advisories/ICSA-13-213-04A | x_refsource_MISC |
| http://www.opcsupport.com/ics/support/KBAnswer.as… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:20.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-213-04A"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.opcsupport.com/ics/support/KBAnswer.asp?questionID=2890"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MatrikonOPC SCADA DNP3 OPC Server 1.2.0 allows remote attackers to cause a denial of service (master-station daemon crash) via a malformed DNP3 TCP packet from the IP address of an outstation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-09T10:00:00.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-213-04A"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.opcsupport.com/ics/support/KBAnswer.asp?questionID=2890"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-2791",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MatrikonOPC SCADA DNP3 OPC Server 1.2.0 allows remote attackers to cause a denial of service (master-station daemon crash) via a malformed DNP3 TCP packet from the IP address of an outstation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-213-04A",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-213-04A"
},
{
"name": "http://www.opcsupport.com/ics/support/KBAnswer.asp?questionID=2890",
"refsource": "CONFIRM",
"url": "http://www.opcsupport.com/ics/support/KBAnswer.asp?questionID=2890"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-2791",
"datePublished": "2013-09-09T10:00:00.000Z",
"dateReserved": "2013-04-11T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:39:43.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0673 (GCVE-0-2013-0673)
Vulnerability from cvelistv5 – Published: 2013-05-01 10:00 – Updated: 2024-09-16 19:41
VLAI
Summary
Directory traversal vulnerability in the web interface in the Health Monitor service in MatrikonOPC A&E Historian 1.0.0.0 allows remote attackers to read and delete arbitrary files via a crafted URL.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the web interface in the Health Monitor service in MatrikonOPC A\u0026E Historian 1.0.0.0 allows remote attackers to read and delete arbitrary files via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-05-01T10:00:00.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-0673",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the web interface in the Health Monitor service in MatrikonOPC A\u0026E Historian 1.0.0.0 allows remote attackers to read and delete arbitrary files via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-0673",
"datePublished": "2013-05-01T10:00:00.000Z",
"dateReserved": "2012-12-19T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:41:59.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0666 (GCVE-0-2013-0666)
Vulnerability from cvelistv5 – Published: 2013-05-01 10:00 – Updated: 2024-09-16 20:43
VLAI
Summary
The configuration utility in MatrikonOPC Security Gateway 1.0 allows remote attackers to cause a denial of service (unhandled exception and application crash) via a TCP RST packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.690Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The configuration utility in MatrikonOPC Security Gateway 1.0 allows remote attackers to cause a denial of service (unhandled exception and application crash) via a TCP RST packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-05-01T10:00:00.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-0666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The configuration utility in MatrikonOPC Security Gateway 1.0 allows remote attackers to cause a denial of service (unhandled exception and application crash) via a TCP RST packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-106-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-0666",
"datePublished": "2013-05-01T10:00:00.000Z",
"dateReserved": "2012-12-19T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:43:02.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}