{"id": "CVE-2018-7758", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2018-04-18T20:29:00.623", "references": [{"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-074-02/", "tags": ["Vendor Advisory"], "source": "cybersecurity@se.com"}, {"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-074-03/", "tags": ["Vendor Advisory"], "source": "cybersecurity@se.com"}, {"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-074-04/", "tags": ["Vendor Advisory"], "source": "cybersecurity@se.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-613"}]}], "descriptions": [{"lang": "en", "value": "A denial of service vulnerability exists in Schneider Electric's MiCOM Px4x (P540 range excluded) with legacy Ethernet board, MiCOM P540D Range with Legacy Ethernet Board, and MiCOM Px4x Rejuvenated could lose network communication in case of TCP/IP open requests on port 20000 (DNP3oE) if an older TCI/IP session is still open with identical IP address and port number."}, {"lang": "es", "value": "Existe una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en MiCOM Px4x (excepto el rango P540) con una placa Ethernet heredada, MiCOM P540D Range con una placa Ethernet heredada y MiCOM Px4x Rejuvenated, de Schneider Electric, que podr\u00edan perder la comunicaci\u00f3n de red en caso de que TCP/IP abra peticiones en el puerto 20000 (DNP3oE) si una sesi\u00f3n TCP/IP m\u00e1s antigua siga abierta con una direcci\u00f3n IP y un n\u00famero de puerto id\u00e9nticos."}], "lastModified": "2018-05-29T13:59:38.087", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p141_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4F6DBB7-9624-4EA9-9919-1A69858E876C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p141:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CB66BA84-326B-4736-A1C3-23C392AA0D2D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p142_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43E65F7C-461D-4D9D-B53D-EEA1AA3ECCF4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p142:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DA40F7D9-0CFD-4B3E-9778-20FA6629DC2A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p143_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE4E1A6F-3C57-4CF5-A51C-ABA423AFD8E8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p143:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DE14D191-C5FB-49B3-9CD0-DE582BF8D78D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p145_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9DDAAB33-6F1C-4F3B-BF97-FACE295A6DFB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p145:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DB19F186-9198-4737-9DC3-38F8EC7D825E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p642_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBA81ADE-3E81-4BA1-BDA6-EFD7FC91066F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p642:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3F386142-BBE2-4D2C-873C-94F4C8BADE2F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p643_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4337C146-B488-4E3B-8091-BC041EBE8F4D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p643:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C13F35E4-91ED-497C-9B90-7A6D34FA8420"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p645_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B4EB35E-F9B9-49B9-8A2F-00A7CB397425"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p645:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EC848CCA-0987-4E26-B0FB-9F84335E2C58"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p849_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41AF4930-4722-4CEA-A42B-38F81C984D2D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p849:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5AE56068-65C7-451B-8ADD-C3A50A832315"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p746_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0102F085-2B02-4146-8B25-C8F64DAD32A1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p746:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AD4F25E8-5A36-4534-AE1B-E71A6ADACF8C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p841a_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCB1DF33-2300-43F6-A250-9AFDA65CB47C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p841a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7F1E54F4-7E0C-4CC5-9F51-1C00EFA9A9A0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p841b_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ADEA3E98-4313-4A70-9DCA-96603B0D466E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p841b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FB9780E6-18E4-44D4-B6D3-97B494977CA9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p443_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF8CD1C7-E37C-4C6B-A84A-2FC937E1B19E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p443:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "92A3446C-E8CE-4A68-B95E-AA112FE2DD92"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p445_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F250AFB-8187-486F-B5AC-9D62E0584A78"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p445:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E98C75F8-2B50-49D4-AC8C-889A70651984"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p446_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFD93D10-98BB-4392-9D11-490A85BA62E1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p446:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "52678814-0201-4C3E-8CD8-439E98368FB6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p441_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B1F1246-EBC7-4C58-B935-F637CC1820F3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p441:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "35DB9B7B-4935-4571-B09B-7ECBE8E8C11A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p442_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82CAB7FC-4451-4D0C-B76B-999C7D53F4D9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p442:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1299E62E-5D4D-41E2-B17A-E2E0B4178A1D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p444_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48E304E6-5B69-4433-B697-C86937B949EB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p444:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "29A144F1-6EEC-4F7D-91B7-282AC6CB337B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p541_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A73A8BC-CA96-40B0-8751-23CB49815F98"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p541:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E5A45309-43FE-4539-8A16-65AFD27EFA20"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p542_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6333E1B2-0753-45C9-B57D-1918C4E673DD"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p542:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6AA1AC18-F559-4353-A4E5-67F1182DD90D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p543_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3CDE2C3-CC50-4819-869B-88BEF7675D62"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p543:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EAEFC6A3-C1F6-4814-BA6D-406F4567C314"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p544_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD5E489E-D768-4BD7-89AF-4CE3B193EECF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p544:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "26E5D0E4-FAA0-48A3-B228-ADADA23805F5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p545_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8466FB17-8C8A-43D6-9763-03F6FD0C753F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p545:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "49B46E43-1C2D-4BD5-95D9-E8EF278F3CE7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:micom_p546_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40117EF7-3DC1-4CA0-A34A-2607055DF35F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:micom_p546:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E449849F-07B8-447D-B737-DE565F3DEF57"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cybersecurity@se.com"}