Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveIcscertCVE-2019-10977
HistoryMay 23, 2019 - 2:29 p.m.

CVE-2019-10977

2019-05-2314:29:07
CWE-755
CWE-400
icscert
web.nvd.nist.gov
82
cve
2019
10977
mitsubishi electric
melsec-q
ethernet module
qj71e71-100
ftp service
denial-of-service

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

42.0%

JSON

In Mitsubishi Electric MELSEC-Q series Ethernet module QJ71E71-100 serial number 20121 and prior, an attacker could send crafted TCP packets against the FTP service, forcing the target devices to enter an error mode and cause a denial-of-service condition.

Affected configurations

Nvd
Node
mitsubishielectricqj71e71-100_firmwareRange20121
AND
mitsubishielectricqj71e71-100Match-
VendorProductVersionCPE
mitsubishielectricqj71e71-100_firmware*cpe:2.3:o:mitsubishielectric:qj71e71-100_firmware:*:*:*:*:*:*:*:*
mitsubishielectricqj71e71-100-cpe:2.3:h:mitsubishielectric:qj71e71-100:-:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "MELSEC-Q series Ethernet module",
    "vendor": "Mitsubishi Electric",
    "versions": [
      {
        "status": "affected",
        "version": "QJ71E71-100 serial number 20121 and prior"
      }
    ]
  }
]

Related

nessus 2
nvd 1
prion 1
cvelist 1
ics 1
nessus
nessus
Mitsubishielectric Qj71e71-100 Uncontrolled Resource Consumption
2019-11-08 00:00:00
Mitsubishi Electric MELSEC-Q Series Ethernet Module Uncontrolled Resource Consumption (CVE-2019-10977)
2022-02-07 00:00:00
nvd
nvd
CVE-2019-10977
2019-05-23 14:29:07
prion
prion
Race condition
2019-05-23 14:29:00
cvelist
cvelist
CVE-2019-10977
2019-05-23 13:28:22
ics
ics
Mitsubishi Electric MELSEC-Q Series Ethernet Module
2019-05-21 12:00:00

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

42.0%

JSON
Related for CVE-2019-10977
nessus2nvd1prion1cvelist1ics1