Lucene search

[email protected]CVE-2012-6438

HistoryJan 24, 2013 - 9:55 p.m.

CVE-2012-6438

2013-01-2421:55:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2012-6438

rockwell automation

ethernet/ip

buffer overflow

remote attack

denial of service

nvd

7 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.027 Low

EPSS

Percentile

90.4%

JSON

Buffer overflow in Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allows remote attackers to cause a denial of service (NIC crash and communication outage) via a malformed CIP packet.

CPENameOperatorVersion
rockwellautomation:guardlogix_controllersrockwellautomation guardlogix controllersle20
rockwellautomation:compactlogix_controllersrockwellautomation compactlogix controllersle19
rockwellautomation:1794-aentr_flex_i\/o_ethernet\/ip_adapterrockwellautomation 1794-aentr flex i\/o ethernet\/ip adaptereq-
rockwellautomation:flexlogix_1788-enbt_adapterrockwellautomation flexlogix 1788-enbt adaptereq-
rockwellautomation:micrologixrockwellautomation micrologixle1400
rockwellautomation:guardlogixrockwellautomation guardlogixle18
rockwellautomation:micrologixrockwellautomation micrologixle1100
rockwellautomation:1768-enbtrockwellautomation 1768-enbteq-
rockwellautomation:1756-enbtrockwellautomation 1756-enbteq-
rockwellautomation:compactlogixrockwellautomation compactlogixle18

CPE	Name	Operator	Version
rockwellautomation:guardlogix_controllers	rockwellautomation guardlogix controllers	le	20
rockwellautomation:compactlogix_controllers	rockwellautomation compactlogix controllers	le	19
rockwellautomation:1794-aentr_flex_i\/o_ethernet\/ip_adapter	rockwellautomation 1794-aentr flex i\/o ethernet\/ip adapter	eq	-
rockwellautomation:flexlogix_1788-enbt_adapter	rockwellautomation flexlogix 1788-enbt adapter	eq	-
rockwellautomation:micrologix	rockwellautomation micrologix	le	1400
rockwellautomation:guardlogix	rockwellautomation guardlogix	le	18
rockwellautomation:micrologix	rockwellautomation micrologix	le	1100
rockwellautomation:1768-enbt	rockwellautomation 1768-enbt	eq	-
rockwellautomation:1756-enbt	rockwellautomation 1756-enbt	eq	-
rockwellautomation:compactlogix	rockwellautomation compactlogix	le	18

Rows per page:

1-10 of 181

References

www.us-cert.gov/control_systems/pdf/ICSA-13-011-03.pdf

7 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.027 Low

EPSS

Percentile

90.4%

JSON

Related for CVE-2012-6438

prion1 cvelist1 nessus4 ics1