Improper Input Validation vulnerability in ABB 800xA Base. An attacker who successfully exploited this vulnerability could cause services to crash by sending specifically crafted messages. This issue affects 800xA Base: from 6.0.0 through 6.1.1-2.
Vulnerabilidad de validación de entrada incorrecta en ABB 800xA Base. Un atacante que aprovechara con éxito esta vulnerabilidad podría provocar que los servicios fallaran al enviar mensajes específicamente diseñados. Este problema afecta a 800xA Base: desde 6.0.0 hasta 6.1.1-2.
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
| Attack Vector | ADJACENT_NETWORK |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | HIGH |
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:A/V:D/RE:M/U:X
| Attack Vector | ADJACENT |
|---|---|
| Attack Complexity | LOW |
| Attack Requirements | NONE |
| Privileges Required | LOW |
| User Interaction | NONE |
| Vulnerability Confidentiality | NONE |
| Vulnerability Integrity | NONE |
| Vulnerability Availability | HIGH |
| Subsequent Confidentiality | NONE |
| Subsequent Integrity | NONE |
| Subsequent Availability | NONE |
Source: [email protected]
Type: Secondary
| Source | Type | Description |
|---|---|---|
| [email protected] | Secondary |
en
CWE-1284
|
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| abb | 800xa_base_system | * | <built-in method update of dict object at 0x7b06ff12b500> | Application |
| abb | 800xa_base_system | * | <built-in method update of dict object at 0x7b06ff12a340> | Application |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:a:abb:800xa_base_system:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:abb:800xa_base_system:*:*:*:*:*:*:*:* |