CVE-2017-14028

{"id": "CVE-2017-14028", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2017-11-16T21:29:00.293", "references": [{"url": "http://www.securityfocus.com/bid/101885", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-320-01", "tags": ["Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}, {"url": "http://www.securityfocus.com/bid/101885", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-320-01", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "description": [{"lang": "en", "value": "CWE-400"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "A Resource Exhaustion issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to exhaust memory resources by sending a large amount of TCP SYN packets."}, {"lang": "es", "value": "Un problema de agotamiento de recursos se descubri\u00f3 en Moxa NPort 5110 2.2, NPort 5110 2.4, NPort 5110 2.6, NPort 5110 2.7, NPort 5130 3.7 y anteriores, y NPort 5150 3.7 y anteriores. Un atacante podr\u00eda agotar los recursos de la memoria enviando un a gran cantidad de paquetes TCP SYN."}], "lastModified": "2024-11-21T03:12:00.437", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_5110_firmware:2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA640858-27A0-474E-A90C-AF61EB5D07D4"}, {"criteria": "cpe:2.3:o:moxa:nport_5110_firmware:2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1EEFB08-1A1C-41E0-9A9A-DE88F82D97CB"}, {"criteria": "cpe:2.3:o:moxa:nport_5110_firmware:2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4ABA135-2EB9-47A1-AFE9-1EAA96BAD220"}, {"criteria": "cpe:2.3:o:moxa:nport_5110_firmware:2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C34FCCC1-FD11-4734-BEAB-1577510DDA21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_5110:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B9D28B00-C0BD-4B70-B871-9D18F37DCBE9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_5130_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D10C4E5F-1F08-409D-BECA-115BC44D4E56", "versionEndIncluding": "3.7"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_5130:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E5507650-F3BF-45AF-AA54-06CF3EAF7DDB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_5150_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46E00EAC-F4D4-47F7-825C-35F9722DB51D", "versionEndIncluding": "3.7"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_5150:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CD7B68B-128D-4AB0-AE9E-A8B9329D67C5"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}