Lucene search

[email protected]CVE-2023-3242

HistoryJul 26, 2023 - 6:15 p.m.

CVE-2023-3242

2023-07-2618:15:11

CWE-665

[email protected]

web.nvd.nist.gov

cve-2023-3242

resource allocation

throttling

vulnerability

b&r industrial automation

nvd

race conditions

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

0.0005 Low

EPSS

Percentile

16.0%

JSON

Allocation of Resources Without Limits or Throttling, Improper Initialization vulnerability in B&R Industrial Automation B&R Automation Runtime allows Flooding, Leveraging Race Conditions.This issue affects B&R Automation Runtime: <G4.93.

CPENameOperatorVersion
br-automation:automation_runtimebr-automation automation runtimeltg4.93
br-automation:automation_runtimebr-automation automation runtimeeq4.63
br-automation:automation_runtimebr-automation automation runtimeeq3.00
br-automation:automation_runtimebr-automation automation runtimeeq4.03
br-automation:automation_runtimebr-automation automation runtimeeq3.01
br-automation:automation_runtimebr-automation automation runtimeeq2.96
br-automation:automation_runtimebr-automation automation runtimeeq4.40
br-automation:automation_runtimebr-automation automation runtimeeq4.60
br-automation:automation_runtimebr-automation automation runtimeeq4.72
br-automation:automation_runtimebr-automation automation runtimeeqf4.45

CPE	Name	Operator	Version
br-automation:automation_runtime	br-automation automation runtime	lt	g4.93
br-automation:automation_runtime	br-automation automation runtime	eq	4.63
br-automation:automation_runtime	br-automation automation runtime	eq	3.00
br-automation:automation_runtime	br-automation automation runtime	eq	4.03
br-automation:automation_runtime	br-automation automation runtime	eq	3.01
br-automation:automation_runtime	br-automation automation runtime	eq	2.96
br-automation:automation_runtime	br-automation automation runtime	eq	4.40
br-automation:automation_runtime	br-automation automation runtime	eq	4.60
br-automation:automation_runtime	br-automation automation runtime	eq	4.72
br-automation:automation_runtime	br-automation automation runtime	eq	f4.45

Rows per page:

1-10 of 241

References

www.br-automation.com/downloads_br_productcatalogue/assets/1689787619746-en-original-1.0.pdf

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

0.0005 Low

EPSS

Percentile

16.0%

JSON

Related for CVE-2023-3242

prion1 cvelist1