fkie_cve-2018-16196
Vulnerability from fkie_nvd
Published
2019-01-09 23:29
Modified
2024-11-21 03:52
Severity ?
Summary
Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver's communication via unspecified vectors.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vultures@jpcert.or.jp | http://www.securityfocus.com/bid/106442 | Third Party Advisory, VDB Entry | |
| vultures@jpcert.or.jp | https://jvn.jp/vu/JVNVU93652047/index.html | Third Party Advisory, VDB Entry | |
| vultures@jpcert.or.jp | https://web-material3.yokogawa.com/YSAR-18-0008-E.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106442 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jvn.jp/vu/JVNVU93652047/index.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://web-material3.yokogawa.com/YSAR-18-0008-E.pdf | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| yokogawa | centum_cs_3000_firmware | * | |
| yokogawa | centum_cs_3000 | - | |
| yokogawa | centum_cs_3000_entry_class | * | |
| yokogawa | centum_vp_firmware | * | |
| yokogawa | centum_vp | - | |
| yokogawa | centum_vp_entry_class | * | |
| yokogawa | b\/m9000_vp | * | |
| yokogawa | exaopc | * | |
| yokogawa | fast\/tools | * | |
| yokogawa | plant_resource_manager | * | |
| yokogawa | prosafe-rs | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:yokogawa:centum_cs_3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3EBF753-16FD-40D3-8EED-D72C32883883",
"versionEndIncluding": "r3.09.50",
"versionStartIncluding": "r3.05.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:yokogawa:centum_cs_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAF123F6-D4A3-49B3-B8BC-14AA63E3A46A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:yokogawa:centum_cs_3000_entry_class:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B46C20CD-6CA3-4233-BBFF-66E7987C2150",
"versionEndIncluding": "r3.09.50",
"versionStartIncluding": "r3.05.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1045034-D824-4CC1-9326-EEBA3FB34AAA",
"versionEndIncluding": "r6.03.10",
"versionStartIncluding": "r4.01.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "161A4767-228C-4681-9D20-81D9380CE48A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:yokogawa:centum_vp_entry_class:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A0FF6A1-E352-4EC5-B34B-2C5276B970C9",
"versionEndIncluding": "r6.03.10",
"versionStartIncluding": "r4.01.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:yokogawa:b\\/m9000_vp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8F81F5B-CDB6-4FF2-80CB-D1CA0ABF2C24",
"versionEndIncluding": "r8.01.90",
"versionStartIncluding": "r6.03.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFDEE53D-6CF1-4DAF-95DE-BE832CC2A9A0",
"versionEndIncluding": "r3.75.00",
"versionStartIncluding": "r3.10.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:yokogawa:fast\\/tools:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B22E279-3BFE-4F58-A639-7761559A1365",
"versionEndIncluding": "r10.02.00",
"versionStartIncluding": "r9.02.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:yokogawa:plant_resource_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67C8BD51-4D87-4BDF-AF28-68B327392BEE",
"versionEndIncluding": "r3.31.00",
"versionStartIncluding": "r2.06.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:yokogawa:prosafe-rs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96B459FD-0656-4E3F-A669-F5D07F60949C",
"versionEndIncluding": "r4.02.00",
"versionStartIncluding": "r1.02.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver\u0027s communication via unspecified vectors."
},
{
"lang": "es",
"value": "M\u00faltiples productos Yokogawa que contienen el controlador Vnet/IP Open Communication (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00) y B/M9000 VP(R6.03.01 - R8.01.90)) permiten que atacantes remotos provoquen una denegaci\u00f3n de servicio (DoS) que podr\u00eda resultar en la detenci\u00f3n de la comunicaci\u00f3n del controlador Vnet/IP Open Communication mediante vectores sin especificar."
}
],
"id": "CVE-2018-16196",
"lastModified": "2024-11-21T03:52:16.253",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-09T23:29:04.560",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106442"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://jvn.jp/vu/JVNVU93652047/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "https://web-material3.yokogawa.com/YSAR-18-0008-E.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106442"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://jvn.jp/vu/JVNVU93652047/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://web-material3.yokogawa.com/YSAR-18-0008-E.pdf"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.