Lucene search

PRIOn knowledge basePRION:CVE-2015-8330

HistoryNov 24, 2015 - 8:59 p.m.

Memory corruption

2015-11-2420:59:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.016 Low

EPSS

Percentile

87.0%

JSON

The PCo agent in SAP Plant Connectivity (PCo) allows remote attackers to cause a denial of service (memory corruption and agent crash) via crafted xMII requests, aka SAP Security Note 2238619.

References

packetstormsecurity.com/files/135775/SAP-PCo-2.2-2.3-15.0-15.1-Denial-Of-Service.html

seclists.org/fulldisclosure/2016/Feb/69

www.securityfocus.com/archive/1/537517/100/0/threaded

erpscan.io/advisories/erpscan-15-032-sap-pco-agent-dos-vulnerability/

www.onapsis.com/blog/analyzing-sap-security-notes-november-2015

7.3 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.016 Low

EPSS

Percentile

87.0%

JSON

Related for PRION:CVE-2015-8330