Lucene search

K
cve[email protected]CVE-2013-0693
HistoryOct 03, 2022 - 4:15 p.m.

CVE-2013-0693

2022-10-0316:15:03
CWE-200
web.nvd.nist.gov
23
cve-2013-0693
enea ose
emerson process management
roc800
dl8000
roc800l
remote attack
network beacon
broadcasts
sensitive information

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.1%

The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive information about device presence by listening for broadcast traffic.

Affected configurations

NVD
Node
eneaoseRange1.20
AND
emersonroc_800l_remote_terminal_unitMatch-
Node
eneaoseRange2.30
AND
emersondl_8000_remote_terminal_unitMatch-
Node
eneaoseRange3.50
AND
emersonroc_800_remote_terminal_unitMatch-

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.1%

Related for CVE-2013-0693