Lucene search

[email protected]CVE-2014-5410

HistoryOct 03, 2014 - 6:55 p.m.

CVE-2014-5410

2014-10-0318:55:00

CWE-399

[email protected]

web.nvd.nist.gov

cve-2014-5410

dnp3

rockwell automation

allen-bradley micrologix

denial of service

remote attack

6.9 Medium

AI Score

Confidence

High

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.087 Low

EPSS

Percentile

94.5%

JSON

The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause a denial of service (process disruption) via malformed packets over (1) an Ethernet network or (2) a serial line.

CPENameOperatorVersion
rockwellautomation:ab_micrologix_controllerrockwellautomation ab micrologix controllereq1400

CPE	Name	Operator	Version
rockwellautomation:ab_micrologix_controller	rockwellautomation ab micrologix controller	eq	1400

References

ics-cert.us-cert.gov/advisories/ICSA-14-254-02

6.9 Medium

AI Score

Confidence

High

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.087 Low

EPSS

Percentile

94.5%

JSON

Related for CVE-2014-5410

nessus2 cvelist1 ics1 prion1