Code injection

2022-03-1109:15:00

PRIOn knowledge base

www.prio-n.com

8.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.1%

JSON

CAMS for HIS Log Server contained in the following Yokogawa Electric products is vulnerable to uncontrolled resource consumption. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00.

CPENameOperatorVersion
centum_cs_3000_entry_firmwareeq>= r3.8.10 AND <= r3.9.0
centum_cs_3000_firmwareeq>= r3.8.10 AND <= r3.9.0
centum_vp_entry_firmwareeq>= r4.1.0 AND <= r4.3.0
centum_vp_entry_firmwareeq>= r5.1.0 AND <= r5.4.20
centum_vp_entry_firmwareeq>= r6.1.0 AND < r6.9.0
centum_vp_firmwareeq>= r4.1.0 AND <= r4.3.0
centum_vp_firmwareeq>= r5.1.0 AND <= r5.4.20
centum_vp_firmwareeq>= r6.1.0 AND < r6.9.0
exaopceq>= r3.72.0 AND < r3.80.0

Name	Operator	Version
centum_cs_3000_entry_firmware	eq	>= r3.8.10 AND <= r3.9.0
centum_cs_3000_firmware	eq	>= r3.8.10 AND <= r3.9.0
centum_vp_entry_firmware	eq	>= r4.1.0 AND <= r4.3.0
centum_vp_entry_firmware	eq	>= r5.1.0 AND <= r5.4.20
centum_vp_entry_firmware	eq	>= r6.1.0 AND < r6.9.0
centum_vp_firmware	eq	>= r4.1.0 AND <= r4.3.0
centum_vp_firmware	eq	>= r5.1.0 AND <= r5.4.20
centum_vp_firmware	eq	>= r6.1.0 AND < r6.9.0
exaopc	eq	>= r3.72.0 AND < r3.80.0

References

web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf