CVE-2024-21916

{"id": "CVE-2024-21916", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "PSIRT@rockwellautomation.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 3.9}]}, "published": "2024-01-31T19:15:08.427", "references": [{"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1661.html", "tags": ["Vendor Advisory"], "source": "PSIRT@rockwellautomation.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}, {"type": "Secondary", "source": "PSIRT@rockwellautomation.com", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "\nA denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. If exploited, the product could potentially experience a major nonrecoverable fault (MNRF). The device will restart itself to recover from the MNRF."}, {"lang": "es", "value": "Existe una vulnerabilidad de denegaci\u00f3n de servicio en controladores Rockwell Automation ControlLogix ang GuardLogix. Si se explota, el producto podr\u00eda experimentar un fallo importante no recuperable (MNRF). El dispositivo se reiniciar\u00e1 solo para recuperarse del MNRF."}], "lastModified": "2024-02-08T01:34:49.067", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5570_controller_firmware:20.011:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06E12A7B-E32C-46DE-891B-B42586053A33"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5570_controller:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C16C24E2-4CB6-4413-8D48-588E0246617E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5570_controller_firmware:20.011:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D5A9D00-9B54-4A85-9E9D-652FA0BC911F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:guardlogix_5570_controller:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B4B273FA-0865-4505-AAF8-1676940A3EA9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5570_redundant_controller_firmware:20.054_kit1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CA7904D-3C8B-4CED-B2AB-0CCD266B148F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5570_redundant_controller:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "898183DD-C3AE-42EE-9891-81BFA774476A"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "PSIRT@rockwellautomation.com"}