CVE-2023-32787

The OPC UA Legacy Java Stack before 6f176f2 enables an attacker to block OPC UA server applications via uncontrolled resource consumption so that they can no longer serve client applications.
Configurations

Configuration 1 (hide)

cpe:2.3:a:opcfoundation:ua_java_legacy:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:prosysopc:ua_historian:*:*:*:*:*:*:*:*
cpe:2.3:a:prosysopc:ua_modbus_server:*:*:*:*:*:*:*:*
cpe:2.3:a:prosysopc:ua_simulation_server:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:04

Type Values Removed Values Added
References () https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-32787.pdf - Patch, Vendor Advisory () https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-32787.pdf - Patch, Vendor Advisory
References () https://github.com/OPCFoundation/UA-Java-Legacy - Product () https://github.com/OPCFoundation/UA-Java-Legacy - Product
References () https://github.com/OPCFoundation/UA-Java-Legacy/commit/6f176f2b445a27c157f1a32f225accc9ce8873c0 - Patch () https://github.com/OPCFoundation/UA-Java-Legacy/commit/6f176f2b445a27c157f1a32f225accc9ce8873c0 - Patch
Summary
  • (es) El OPC UA Legacy Java Stack anterior a 6f176f2 permite a un atacante bloquear aplicaciones del servidor OPC UA mediante el consumo incontrolado de recursos para que ya no puedan servir aplicaciones cliente.

02 Apr 2024, 14:49

Type Values Removed Values Added
CPE cpe:2.3:a:prosysopc:ua_modbus_server:*:*:*:*:*:*:*:*
cpe:2.3:a:prosysopc:ua_historian:*:*:*:*:*:*:*:*
cpe:2.3:a:prosysopc:ua_simulation_server:*:*:*:*:*:*:*:*
First Time Prosysopc ua Modbus Server
Prosysopc
Prosysopc ua Historian
Prosysopc ua Simulation Server

Information

Published : 2023-05-15 15:15

Updated : 2024-11-21 08:04


NVD link : CVE-2023-32787

Mitre link : CVE-2023-32787

CVE.ORG link : CVE-2023-32787


JSON object : View

Products Affected

prosysopc

  • ua_simulation_server
  • ua_modbus_server
  • ua_historian

opcfoundation

  • ua_java_legacy
CWE
CWE-400

Uncontrolled Resource Consumption