CVE-2017-7914 - Vulnerability Details

Vendors	Products
Rockwellautomation	Panelview Plus 6 700-1500 Panelview Plus 6 700-1500 Firmware

Link	Providers
https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "Rockwell Automation PanelView Plus 6 700-1500", "vendor": "n/a", "versions": [{"status": "affected", "version": "Rockwell Automation PanelView Plus 6 700-1500"}]}], "datePublic": "2017-06-14T00:00:00", "descriptions": [{"lang": "en", "value": "A Missing Authorization issue was discovered in Rockwell Automation PanelView Plus 6 700-1500 6.00.04, 6.00.05, 6.00.42, 6.00-20140306, 6.10.20121012, 6.10-20140122, 7.00-20121012, 7.00-20130108, 7.00-20130325, 7.00-20130619, 7.00-20140128, 7.00-20140310, 7.00-20140429, 7.00-20140621, 7.00-20140729, 7.00-20141022, 8.00-20140730, and 8.00-20141023. There is no authorization check when connecting to the device, allowing an attacker remote access."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-882", "description": "CWE-882", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2017-06-14T20:57:01", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2017-7914", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Rockwell Automation PanelView Plus 6 700-1500", "version": {"version_data": [{"version_value": "Rockwell Automation PanelView Plus 6 700-1500"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A Missing Authorization issue was discovered in Rockwell Automation PanelView Plus 6 700-1500 6.00.04, 6.00.05, 6.00.42, 6.00-20140306, 6.10.20121012, 6.10-20140122, 7.00-20121012, 7.00-20130108, 7.00-20130325, 7.00-20130619, 7.00-20140128, 7.00-20140310, 7.00-20140429, 7.00-20140621, 7.00-20140729, 7.00-20141022, 8.00-20140730, and 8.00-20141023. There is no authorization check when connecting to the device, allowing an attacker remote access."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-882"}]}]}, "references": {"reference_data": [{"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T16:19:29.506Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2017-7914", "datePublished": "2017-06-14T21:00:00", "dateReserved": "2017-04-18T00:00:00", "dateUpdated": "2024-08-05T16:19:29.506Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : Rockwell Automation PanelView Plus 6 700-1500 (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : Rockwell Automation PanelView Plus 6 700-1500 (string)

}

]

}

]

datePublic : 2017-06-14T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : A Missing Authorization issue was discovered in Rockwell Automation PanelView Plus 6 700-1500 6.00.04, 6.00.05, 6.00.42, 6.00-20140306, 6.10.20121012, 6.10-20140122, 7.00-20121012, 7.00-20130108, 7.00-20130325, 7.00-20130619, 7.00-20140128, 7.00-20140310, 7.00-20140429, 7.00-20140621, 7.00-20140729, 7.00-20141022, 8.00-20140730, and 8.00-20141023. There is no authorization check when connecting to the device, allowing an attacker remote access. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

cweId : CWE-882 (string)

description : CWE-882 (string)

lang : en (string)

type : CWE (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-06-14T20:57:01 (string)

orgId : 7d14cffa-0d7d-4270-9dc0-52cabd5a23a6 (string)

shortName : icscert (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : ics-cert@hq.dhs.gov (string)

ID : CVE-2017-7914 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : Rockwell Automation PanelView Plus 6 700-1500 (string)

version : { »

version_data : [ »

0 : { »

version_value : Rockwell Automation PanelView Plus 6 700-1500 (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : A Missing Authorization issue was discovered in Rockwell Automation PanelView Plus 6 700-1500 6.00.04, 6.00.05, 6.00.42, 6.00-20140306, 6.10.20121012, 6.10-20140122, 7.00-20121012, 7.00-20130108, 7.00-20130325, 7.00-20130619, 7.00-20140128, 7.00-20140310, 7.00-20140429, 7.00-20140621, 7.00-20140729, 7.00-20141022, 8.00-20140730, and 8.00-20141023. There is no authorization check when connecting to the device, allowing an attacker remote access. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : CWE-882 (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01 (string)

refsource : MISC (string)

url : https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-05T16:19:29.506Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 7d14cffa-0d7d-4270-9dc0-52cabd5a23a6 (string)

assignerShortName : icscert (string)

cveId : CVE-2017-7914 (string)

datePublished : 2017-06-14T21:00:00 (string)

dateReserved : 2017-04-18T00:00:00 (string)

dateUpdated : 2024-08-05T16:19:29.506Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:6.00-20140306:*:*:*:*:*:*:*", "matchCriteriaId": "A7EBA0A2-F6F2-4DF0-8FAC-37E5C6768734", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:6.00.04:*:*:*:*:*:*:*", "matchCriteriaId": "7498C8EB-B040-4B5E-BB67-630986C417E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:6.00.05:*:*:*:*:*:*:*", "matchCriteriaId": "5DC3FD03-CA9F-427D-B8AB-2280A60738B6", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:6.00.42:*:*:*:*:*:*:*", "matchCriteriaId": "7522CC96-D5E9-41AF-95AB-876303767B1B", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:6.10-20140122:*:*:*:*:*:*:*", "matchCriteriaId": "8B07AC6A-EFDA-4CC5-937C-6CAD73B3A1C2", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:6.10.20121012:*:*:*:*:*:*:*", "matchCriteriaId": "00391FDB-1094-4FB3-9938-9DEDB1045AD9", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20121012:*:*:*:*:*:*:*", "matchCriteriaId": "374DABE1-5D77-4EE3-853A-9FF5AD820861", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20130108:*:*:*:*:*:*:*", "matchCriteriaId": "031AD257-1BE1-4061-BC6D-1AA0741C99EC", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20130325:*:*:*:*:*:*:*", "matchCriteriaId": "3F9743D5-67E5-4DA5-BFDB-E42CD73A8306", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20130619:*:*:*:*:*:*:*", "matchCriteriaId": "3C4A0042-86AF-4BB9-9114-F19777F6312A", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20140128:*:*:*:*:*:*:*", "matchCriteriaId": "78DDD0D2-E7F6-43A9-99A6-6D12B153BB1D", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20140310:*:*:*:*:*:*:*", "matchCriteriaId": "48CAEE93-3120-4F22-8BE0-46195D489015", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20140429:*:*:*:*:*:*:*", "matchCriteriaId": "F58A9CCD-3C23-4D1C-815E-C9D107F47B76", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20140621:*:*:*:*:*:*:*", "matchCriteriaId": "214CB7C5-6241-4589-AA91-014E334FFB41", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20140729:*:*:*:*:*:*:*", "matchCriteriaId": "46DC9731-1EA9-4354-959E-494905A45963", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20141022:*:*:*:*:*:*:*", "matchCriteriaId": "6F3DB916-F40E-4F80-9B28-0CB573585E1D", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:8.00-20140730:*:*:*:*:*:*:*", "matchCriteriaId": "94994F4E-0F1D-46FC-A7B2-462838BA4DFD", "vulnerable": true}, {"criteria": "cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:8.00-20141023:*:*:*:*:*:*:*", "matchCriteriaId": "8C8CD419-33AB-43C0-836F-8CC4AFD5F6FE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:panelview_plus_6_700-1500:-:*:*:*:*:*:*:*", "matchCriteriaId": "2B3064E9-5257-4D66-A127-E30944447752", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A Missing Authorization issue was discovered in Rockwell Automation PanelView Plus 6 700-1500 6.00.04, 6.00.05, 6.00.42, 6.00-20140306, 6.10.20121012, 6.10-20140122, 7.00-20121012, 7.00-20130108, 7.00-20130325, 7.00-20130619, 7.00-20140128, 7.00-20140310, 7.00-20140429, 7.00-20140621, 7.00-20140729, 7.00-20141022, 8.00-20140730, and 8.00-20141023. There is no authorization check when connecting to the device, allowing an attacker remote access."}, {"lang": "es", "value": "Se ha descubierto un problema de falta de autorizaci\u00f3n en Rockwell Automation PanelView Plus 6 700-1500 6.00.04, 6.00.05, 6.00.42, 6.00-20140306, 6.10.20121012, 6.10-20140122, 7.00-20121012, 7.00-20130108, 7.00-20130325, 7.00-20130619, 7.00-20140128, 7.00-20140310, 7.00-20140429, 7.00-20140621, 7.00-20140729, 7.00-20141022, 8.00-20140730 y 8.00-20141023. No hay comprobaci\u00f3n de autorizaci\u00f3n al conectarse al dispositivo, lo que permite que un atacante logre el acceso remoto."}], "id": "CVE-2017-7914", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 4.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-06-14T21:29:00.270", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-882"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:6.00-20140306:*:*:*:*:*:*:* (string)

matchCriteriaId : A7EBA0A2-F6F2-4DF0-8FAC-37E5C6768734 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:6.00.04:*:*:*:*:*:*:* (string)

matchCriteriaId : 7498C8EB-B040-4B5E-BB67-630986C417E7 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:6.00.05:*:*:*:*:*:*:* (string)

matchCriteriaId : 5DC3FD03-CA9F-427D-B8AB-2280A60738B6 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:6.00.42:*:*:*:*:*:*:* (string)

matchCriteriaId : 7522CC96-D5E9-41AF-95AB-876303767B1B (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:6.10-20140122:*:*:*:*:*:*:* (string)

matchCriteriaId : 8B07AC6A-EFDA-4CC5-937C-6CAD73B3A1C2 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:6.10.20121012:*:*:*:*:*:*:* (string)

matchCriteriaId : 00391FDB-1094-4FB3-9938-9DEDB1045AD9 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20121012:*:*:*:*:*:*:* (string)

matchCriteriaId : 374DABE1-5D77-4EE3-853A-9FF5AD820861 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20130108:*:*:*:*:*:*:* (string)

matchCriteriaId : 031AD257-1BE1-4061-BC6D-1AA0741C99EC (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20130325:*:*:*:*:*:*:* (string)

matchCriteriaId : 3F9743D5-67E5-4DA5-BFDB-E42CD73A8306 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20130619:*:*:*:*:*:*:* (string)

matchCriteriaId : 3C4A0042-86AF-4BB9-9114-F19777F6312A (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20140128:*:*:*:*:*:*:* (string)

matchCriteriaId : 78DDD0D2-E7F6-43A9-99A6-6D12B153BB1D (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20140310:*:*:*:*:*:*:* (string)

matchCriteriaId : 48CAEE93-3120-4F22-8BE0-46195D489015 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20140429:*:*:*:*:*:*:* (string)

matchCriteriaId : F58A9CCD-3C23-4D1C-815E-C9D107F47B76 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20140621:*:*:*:*:*:*:* (string)

matchCriteriaId : 214CB7C5-6241-4589-AA91-014E334FFB41 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20140729:*:*:*:*:*:*:* (string)

matchCriteriaId : 46DC9731-1EA9-4354-959E-494905A45963 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:7.00-20141022:*:*:*:*:*:*:* (string)

matchCriteriaId : 6F3DB916-F40E-4F80-9B28-0CB573585E1D (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:8.00-20140730:*:*:*:*:*:*:* (string)

matchCriteriaId : 94994F4E-0F1D-46FC-A7B2-462838BA4DFD (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:o:rockwellautomation:panelview_plus_6_700-1500_firmware:8.00-20141023:*:*:*:*:*:*:* (string)

matchCriteriaId : 8C8CD419-33AB-43C0-836F-8CC4AFD5F6FE (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:rockwellautomation:panelview_plus_6_700-1500:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 2B3064E9-5257-4D66-A127-E30944447752 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : A Missing Authorization issue was discovered in Rockwell Automation PanelView Plus 6 700-1500 6.00.04, 6.00.05, 6.00.42, 6.00-20140306, 6.10.20121012, 6.10-20140122, 7.00-20121012, 7.00-20130108, 7.00-20130325, 7.00-20130619, 7.00-20140128, 7.00-20140310, 7.00-20140429, 7.00-20140621, 7.00-20140729, 7.00-20141022, 8.00-20140730, and 8.00-20141023. There is no authorization check when connecting to the device, allowing an attacker remote access. (string)

}

1 : { »

lang : es (string)

value : Se ha descubierto un problema de falta de autorización en Rockwell Automation PanelView Plus 6 700-1500 6.00.04, 6.00.05, 6.00.42, 6.00-20140306, 6.10.20121012, 6.10-20140122, 7.00-20121012, 7.00-20130108, 7.00-20130325, 7.00-20130619, 7.00-20140128, 7.00-20140310, 7.00-20140429, 7.00-20140621, 7.00-20140729, 7.00-20141022, 8.00-20140730 y 8.00-20141023. No hay comprobación de autorización al conectarse al dispositivo, lo que permite que un atacante logre el acceso remoto. (string)

}

]

id : CVE-2017-7914 (string)

lastModified : 2025-04-20T01:37:25.860 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 7.5 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:L/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 8.6 (number)

baseSeverity : HIGH (string)

confidentialityImpact : LOW (string)

integrityImpact : LOW (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H (string)

version : 3.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 4.7 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2017-06-14T21:29:00.270 (string)

references : [ »

0 : { »

source : ics-cert@hq.dhs.gov (string)

tags : [ »

0 : Third Party Advisory (string)

1 : US Government Resource (string)

]

url : https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01 (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : US Government Resource (string)

]

url : https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01 (string)

}

]

sourceIdentifier : ics-cert@hq.dhs.gov (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-882 (string)

}

]

source : ics-cert@hq.dhs.gov (string)

type : Secondary (string)

}

1 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-862 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object