CVE-2013-2821

2013-12-2114:22:56

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

AI Score

6.6

Confidence

High

EPSS

0.004

Percentile

74.6%

JSON

NovaTech Orion Substation Automation Platform OrionLX DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier and Orion5/Orion5r DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier allow remote attackers to cause a denial of service (driver crash and process restart) via a crafted DNP3 TCP packet.

Affected configurations

Nvd

Node

novatechorion5_dnp_masterMatch1.27.38

novatechorion5_dnp_slaveMatch1.23.10

novatechorion5r_dnp_masterMatch1.27.38

novatechorion5r_dnp_slaveMatch1.23.10

novatechorionlx_dnp_masterMatch1.27.38

novatechorionlx_dnp_slaveMatch1.23.10

VendorProductVersionCPE
novatechorion5_dnp_master1.27.38cpe:2.3:h:novatech:orion5_dnp_master:1.27.38:*:*:*:*:*:*:*
novatechorion5_dnp_slave1.23.10cpe:2.3:h:novatech:orion5_dnp_slave:1.23.10:*:*:*:*:*:*:*
novatechorion5r_dnp_master1.27.38cpe:2.3:h:novatech:orion5r_dnp_master:1.27.38:*:*:*:*:*:*:*
novatechorion5r_dnp_slave1.23.10cpe:2.3:h:novatech:orion5r_dnp_slave:1.23.10:*:*:*:*:*:*:*
novatechorionlx_dnp_master1.27.38cpe:2.3:h:novatech:orionlx_dnp_master:1.27.38:*:*:*:*:*:*:*
novatechorionlx_dnp_slave1.23.10cpe:2.3:h:novatech:orionlx_dnp_slave:1.23.10:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
novatech	orion5_dnp_master	1.27.38	cpe:2.3:h:novatech:orion5_dnp_master:1.27.38:::::::*
novatech	orion5_dnp_slave	1.23.10	cpe:2.3:h:novatech:orion5_dnp_slave:1.23.10:::::::*
novatech	orion5r_dnp_master	1.27.38	cpe:2.3:h:novatech:orion5r_dnp_master:1.27.38:::::::*
novatech	orion5r_dnp_slave	1.23.10	cpe:2.3:h:novatech:orion5r_dnp_slave:1.23.10:::::::*
novatech	orionlx_dnp_master	1.27.38	cpe:2.3:h:novatech:orionlx_dnp_master:1.27.38:::::::*
novatech	orionlx_dnp_slave	1.23.10	cpe:2.3:h:novatech:orionlx_dnp_slave:1.23.10:::::::*