CVE-2014-5429 - Vulnerability Details - OpenCVE

ReportizFlow

DNP Master Driver 3.02 and earlier in Elipse SCADA 2.29 build 141 and earlier, E3 1.0 through 4.6, and Elipse Power 1.0 through 4.6 allows remote attackers to cause a denial of service (CPU consumption) via malformed packets.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Elipse	E3 Power Scada

Configuration 1 [-]

cpe:2.3:a:elipse:scada:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:elipse:power:*:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:a:elipse:e3:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://ics-cert.us-cert.gov/advisories/ICSA-14-303-02

History

No history.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2014-12-06T15:00:00

Updated: 2024-08-06T11:41:49.229Z

Reserved: 2014-08-22T00:00:00

Link: CVE-2014-5429

Vulnrichment

No data.

NVD

Status : Modified

Published: 2014-12-06T15:59:03.047

Modified: 2024-11-21T02:12:01.943

Link: CVE-2014-5429

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-12-02T00:00:00", "descriptions": [{"lang": "en", "value": "DNP Master Driver 3.02 and earlier in Elipse SCADA 2.29 build 141 and earlier, E3 1.0 through 4.6, and Elipse Power 1.0 through 4.6 allows remote attackers to cause a denial of service (CPU consumption) via malformed packets."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-12-06T15:57:00", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-303-02"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2014-5429", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "DNP Master Driver 3.02 and earlier in Elipse SCADA 2.29 build 141 and earlier, E3 1.0 through 4.6, and Elipse Power 1.0 through 4.6 allows remote attackers to cause a denial of service (CPU consumption) via malformed packets."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-303-02", "refsource": "MISC", "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-303-02"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T11:41:49.229Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-303-02"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2014-5429", "datePublished": "2014-12-06T15:00:00", "dateReserved": "2014-08-22T00:00:00", "dateUpdated": "2024-08-06T11:41:49.229Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:elipse:scada:*:*:*:*:*:*:*:*", "matchCriteriaId": "000A0265-EAEB-49AD-B40C-5721911D60BE", "versionEndIncluding": "2.29", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:elipse:power:*:*:*:*:*:*:*:*", "matchCriteriaId": "B90DBCAA-CAAF-43D5-A4DC-3ED191F9DD5C", "versionEndIncluding": "4.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:elipse:e3:*:*:*:*:*:*:*:*", "matchCriteriaId": "21A1C414-3749-4F26-A791-0E289E478B70", "versionEndIncluding": "4.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "DNP Master Driver 3.02 and earlier in Elipse SCADA 2.29 build 141 and earlier, E3 1.0 through 4.6, and Elipse Power 1.0 through 4.6 allows remote attackers to cause a denial of service (CPU consumption) via malformed packets."}, {"lang": "es", "value": "DNP Master Driver 3.02 y anteriores en Elipse SCADA 2.29 build 141 y anteriores, E3 1.0 hasta 4.6, y Elipse Power 1.0 hasta 4.6 permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de CPU) a trav\u00e9s de paquetes malformados."}], "id": "CVE-2014-5429", "lastModified": "2024-11-21T02:12:01.943", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-12-06T15:59:03.047", "references": [{"source": "[email protected]", "tags": ["US Government Resource"], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-303-02"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-303-02"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "[email protected]", "type": "Primary"}]}