CVE-2018-7821

{"id": "CVE-2018-7821", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2019-05-22T20:29:01.043", "references": [{"url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-045-01/", "tags": ["Vendor Advisory"], "source": "cybersecurity@se.com"}, {"url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-045-01/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-770"}]}], "descriptions": [{"lang": "en", "value": "An Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause cycle time impact when flooding the M221 ethernet interface while the Ethernet/IP adapter is activated."}, {"lang": "es", "value": "Existe una vulnerabilidad de entorno (CWE-2) en SoMachine Basic, todas las versiones, y Modicon M221 (todas las referencias, todas las versiones anteriores al firmware V1.10.0.0), que podr\u00eda generar un impacto en el tiempo del ciclo al inundar la interfaz ethernet M221 mientras que el adaptador Ethernet/IP est\u00e1 activado."}], "lastModified": "2024-11-21T04:12:47.533", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:schneider-electric:somachine_basic:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BCEA269-6242-41FD-B141-F72CAFC8F114"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m221_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F757A52E-2401-4A09-B53E-73135C5289A1", "versionEndExcluding": "1.10.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m221:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BB0D83F4-B718-47AB-AFB8-B576CB138AAC"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cybersecurity@se.com"}