Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-0441

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-17 Oct, 2018 | 22:00
Updated At-26 Nov, 2024 | 14:24
Rejected At-
Credits

Cisco IOS Access Points Software 802.11r Fast Transition Denial of Service Vulnerability

A vulnerability in the 802.11r Fast Transition feature set of Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a corruption of certain timer mechanisms triggered by specific roaming events. This corruption will eventually cause a timer crash. An attacker could exploit this vulnerability by sending malicious reassociation events multiple times to the same AP in a short period of time, causing a DoS condition on the affected AP.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:17 Oct, 2018 | 22:00
Updated At:26 Nov, 2024 | 14:24
Rejected At:
▼CVE Numbering Authority (CNA)
Cisco IOS Access Points Software 802.11r Fast Transition Denial of Service Vulnerability

A vulnerability in the 802.11r Fast Transition feature set of Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a corruption of certain timer mechanisms triggered by specific roaming events. This corruption will eventually cause a timer crash. An attacker could exploit this vulnerability by sending malicious reassociation events multiple times to the same AP in a short period of time, causing a DoS condition on the affected AP.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Aironet Access Point Software
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
CWECWE-400CWE-400
Type: CWE
CWE ID: CWE-400
Description: CWE-400
Metrics
VersionBase scoreBase severityVector
3.07.4HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Version: 3.0
Base score: 7.4
Base severity: HIGH
Vector:
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/105680
vdb-entry
x_refsource_BID
http://www.securitytracker.com/id/1041918
vdb-entry
x_refsource_SECTRACK
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-ap-ft-dos
vendor-advisory
x_refsource_CISCO
Hyperlink: http://www.securityfocus.com/bid/105680
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.securitytracker.com/id/1041918
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-ap-ft-dos
Resource:
vendor-advisory
x_refsource_CISCO
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/105680
vdb-entry
x_refsource_BID
x_transferred
http://www.securitytracker.com/id/1041918
vdb-entry
x_refsource_SECTRACK
x_transferred
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-ap-ft-dos
vendor-advisory
x_refsource_CISCO
x_transferred
Hyperlink: http://www.securityfocus.com/bid/105680
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.securitytracker.com/id/1041918
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-ap-ft-dos
Resource:
vendor-advisory
x_refsource_CISCO
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ykramarz@cisco.com
Published At:17 Oct, 2018 | 22:29
Updated At:09 Oct, 2019 | 23:32

A vulnerability in the 802.11r Fast Transition feature set of Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a corruption of certain timer mechanisms triggered by specific roaming events. This corruption will eventually cause a timer crash. An attacker could exploit this vulnerability by sending malicious reassociation events multiple times to the same AP in a short period of time, causing a DoS condition on the affected AP.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.4HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Secondary3.07.4HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Primary2.06.1MEDIUM
AV:A/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 3.0
Base score: 7.4
Base severity: HIGH
Vector:
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Type: Secondary
Version: 3.0
Base score: 7.4
Base severity: HIGH
Vector:
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 6.1
Base severity: MEDIUM
Vector:
AV:A/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Cisco Systems, Inc.
cisco
>>access_points>>8.0\(140.0\)
cpe:2.3:o:cisco:access_points:8.0\(140.0\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>access_points>>8.2\(141.0\)
cpe:2.3:o:cisco:access_points:8.2\(141.0\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>access_points>>8.2\(151.0\)
cpe:2.3:o:cisco:access_points:8.2\(151.0\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>access_points>>8.3\(102.0\)
cpe:2.3:o:cisco:access_points:8.3\(102.0\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>access_points>>8.3\(112.0\)
cpe:2.3:o:cisco:access_points:8.3\(112.0\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>access_points>>8.3\(114.74\)
cpe:2.3:o:cisco:access_points:8.3\(114.74\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>access_points>>15.3\(3\)jd
cpe:2.3:o:cisco:access_points:15.3\(3\)jd:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>access_points>>Versions before 8.3.140.0(exclusive)
cpe:2.3:o:cisco:access_points:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>access_points>>Versions from 8.4(inclusive) to 8.5.110.0(exclusive)
cpe:2.3:o:cisco:access_points:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-400Primarynvd@nist.gov
CWE-400Secondaryykramarz@cisco.com
CWE ID: CWE-400
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-400
Type: Secondary
Source: ykramarz@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/105680ykramarz@cisco.com
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041918ykramarz@cisco.com
Third Party Advisory
VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-ap-ft-dosykramarz@cisco.com
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/105680
Source: ykramarz@cisco.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id/1041918
Source: ykramarz@cisco.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-ap-ft-dos
Source: ykramarz@cisco.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

274Records found
CVE-2021-1312
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.11% / 30.64%
||
7 Day CHG~0.00%
Published-20 Jan, 2021 | 20:01
Updated-12 Nov, 2024 | 20:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Elastic Services Controller Denial of Service Vulnerability

A vulnerability in the system resource management of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) to the health monitor API on an affected device. The vulnerability is due to inadequate provisioning of kernel parameters for the maximum number of TCP connections and SYN backlog. An attacker could exploit this vulnerability by sending a flood of crafted TCP packets to an affected device. A successful exploit could allow the attacker to block TCP listening ports that are used by the health monitor API. This vulnerability only affects customers who use the health monitor API.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-elastic_services_controllerCisco Elastic Services Controller
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-1275
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.75% / 81.80%
||
7 Day CHG~0.00%
Published-06 May, 2021 | 12:50
Updated-08 Nov, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN vManage Software Vulnerabilities

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privileges or gain unauthorized access to the application. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sd-wan_vmanagecatalyst_sd-wan_managerCisco SD-WAN vManage
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3571
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.56% / 67.44%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:40
Updated-13 Nov, 2024 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower 4110 ICMP Flood Denial of Service Vulnerability

A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 4110 appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation upon receiving ICMP packets. An attacker could exploit this vulnerability by sending a high number of crafted ICMP or ICMPv6 packets to an affected device. A successful exploit could allow the attacker to cause a memory exhaustion condition that may result in an unexpected reload. No manual intervention is needed to recover the device after the reload.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_4112firepower_4150firepower_4140firepower_4145firepower_4110firepower_4120firepower_4115firepower_4125firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-20
Improper Input Validation
CVE-2020-3203
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.85% / 73.94%
||
7 Day CHG~0.00%
Published-03 Jun, 2020 | 17:40
Updated-15 Nov, 2024 | 17:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Catalyst 9800 Series Wireless Controllers Denial of Service Vulnerability

A vulnerability in the locally significant certificate (LSC) provisioning feature of Cisco Catalyst 9800 Series Wireless Controllers that are running Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak that could lead to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain public key infrastructure (PKI) packets. An attacker could exploit this vulnerability by sending crafted Secure Sockets Layer (SSL) packets to an affected device. A successful exploit could cause an affected device to continuously consume memory, which could result in a memory allocation failure that leads to a crash and causes a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xecatalyst_9800-lcatalyst_9800-l-ccatalyst_9800-40catalyst_9800-clcatalyst_9800-80catalyst_9800-l-fCisco IOS XE Software 16.1.1
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2020-3195
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.31% / 79.00%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 16:41
Updated-15 Nov, 2024 | 17:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF Packets Processing Memory Leak Vulnerability

A vulnerability in the Open Shortest Path First (OSPF) implementation in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to incorrect processing of certain OSPF packets. An attacker could exploit this vulnerability by sending a series of crafted OSPF packets to be processed by an affected device. A successful exploit could allow the attacker to continuously consume memory on an affected device and eventually cause it to reload, resulting in a denial of service (DoS) condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asa_5510_firmwareasa_5585-x_firmwareadaptive_security_appliance_softwareasa_5520asa_5505_firmwareasa_5510asa_5540_firmwareasa_5580_firmwareasa_5520_firmwareasa_5515-xasa_5550asa_5545-x_firmwareasa_5545-xasa_5525-x_firmwareasa_5505asa_5540asa_5555-xasa_5580asa_5585-xasa_5515-x_firmwareasa_5525-xasa_5555-x_firmwareasa_5512-x_firmwareasa_5550_firmwareasa_5512-xfirepower_threat_defenseCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2020-3303
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.46% / 63.12%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 16:42
Updated-15 Nov, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asa_5550adaptive_security_applianceasa_5505adaptive_security_appliance_softwareasa_5555-xasa_5520asa_5510asa_5525-xasa_5580asa_5585-xasa_5512-xfirepower_threat_defenseasa_5515-xCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-399
Not Available
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3351
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.56% / 67.44%
||
7 Day CHG~0.00%
Published-16 Jul, 2020 | 17:21
Updated-15 Nov, 2024 | 16:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Solution Software Denial of Service Vulnerability

A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. An attacker could exploit this vulnerability by sending crafted UDP messages to the targeted system. A successful exploit could allow the attacker to cause services on the device to fail, resulting in a DoS condition that could impact the targeted device and other devices that depend on it.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_2000vedge_cloud_routervedge_100mvedge_5000vsmart_controllervedge_100sd-wan_firmwarevedge_1000vedge_100wmvedge_100bCisco SD-WAN Solution
CWE ID-CWE-399
Not Available
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-11060
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-7.4||HIGH
EPSS-1.34% / 79.23%
||
7 Day CHG~0.00%
Published-29 Aug, 2019 | 00:19
Updated-16 Sep, 2024 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HG100 contains an Uncontrolled Resource Consumption vulnerability

The web api server on Port 8080 of ASUS HG100 firmware up to 1.05.12, which is vulnerable to Slowloris HTTP Denial of Service: an attacker can cause a Denial of Service (DoS) by sending headers very slowly to keep HTTP or HTTPS connections and associated resources alive for a long period of time. CVSS 3.0 Base score 7.4 (Availability impacts). CVSS vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-hg100_firmwarehg100HG100 firmware
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2021-32455
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
ShareView Details
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
CVSS Score-6.8||MEDIUM
EPSS-0.07% / 20.46%
||
7 Day CHG~0.00%
Published-17 May, 2021 | 16:30
Updated-16 Sep, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SITEL CAP/PRX vulnerable to a denial of service attack

SITEL CAP/PRX firmware version 5.2.01, allows an attacker with access to the device´s network to cause a denial of service condition on the device. An attacker could exploit this vulnerability by sending HTTP requests massively.

Action-Not Available
Vendor-sitel-saSITEL
Product-cap\/prx_firmwarecap\/prxCAP/PRX
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-0031
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-7.4||HIGH
EPSS-0.52% / 65.84%
||
7 Day CHG~0.00%
Published-10 Apr, 2019 | 20:13
Updated-16 Sep, 2024 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: jdhcpd daemon memory consumption Denial of Service when receiving specific IPv6 DHCP packets.

Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a memory resource consumption issue to occur on a Junos OS device using the jdhcpd daemon configured to respond to IPv6 requests. Once started, memory consumption will eventually impact any IPv4 or IPv6 request serviced by the jdhcpd daemon, thus creating a Denial of Service (DoS) condition to clients requesting and not receiving IP addresses. Additionally, some clients which were previously holding IPv6 addresses will not have their IPv6 Identity Association (IA) address and network tables agreed upon by the jdhcpd daemon after the failover event occurs, which leads to more than one interface, and multiple IP addresses, being denied on the client. Affected releases are Juniper Networks Junos OS: 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R2.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junosJunos OS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2019-0038
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 19.52%
||
7 Day CHG~0.00%
Published-10 Apr, 2019 | 20:13
Updated-17 Sep, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SRX Series: Crafted packets destined to fxp0 management interface on SRX340/SRX345 devices can lead to DoS

Crafted packets destined to the management interface (fxp0) of an SRX340 or SRX345 services gateway may create a denial of service (DoS) condition due to buffer space exhaustion. This issue only affects the SRX340 and SRX345 services gateways. No other products or platforms are affected by this vulnerability. Affected releases are Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D160 on SRX340/SRX345; 17.3 on SRX340/SRX345; 17.4 versions prior to 17.4R2-S3, 17.4R3 on SRX340/SRX345; 18.1 versions prior to 18.1R3-S1 on SRX340/SRX345; 18.2 versions prior to 18.2R2 on SRX340/SRX345; 18.3 versions prior to 18.3R1-S2, 18.3R2 on SRX340/SRX345. This issue does not affect Junos OS releases prior to 15.1X49 on any platform.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junossrx340srx345Junos OS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2019-0046
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.11% / 29.89%
||
7 Day CHG~0.00%
Published-11 Jul, 2019 | 19:40
Updated-16 Sep, 2024 | 20:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: EX4300 Series: Denial of Service upon receipt of large number of specific valid packets on management interface.

A vulnerability in the pfe-chassisd Chassis Manager (CMLC) daemon of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the EX4300 when specific valid broadcast packets create a broadcast storm condition when received on the me0 interface of the EX4300 Series device. A reboot of the device is required to restore service. Continued receipt of these valid broadcast packets will create a sustained Denial of Service (DoS) against the device. Affected releases are Juniper Networks Junos OS: 16.1 versions above and including 16.1R1 prior to 16.1R7-S5; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3-S2; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junosJunos OS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-15907
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.26% / 49.66%
||
7 Day CHG~0.00%
Published-29 Aug, 2018 | 19:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Technicolor (formerly RCA) TC8305C devices allow remote attackers to cause a denial of service (networking outage) via a flood of random MAC addresses, as demonstrated by macof. NOTE: this might overlap CVE-2018-15852 and CVE-2018-16310. NOTE: Technicolor denies that the described behavior is a vulnerability and states that Wi-Fi traffic is slowed or stopped only while the devices are exposed to a MAC flooding attack. This has been confirmed through testing against official up-to-date versions

Action-Not Available
Vendor-technicolorn/a
Product-tc8305ctc8305c_firmwaren/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-15852
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.26% / 49.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2018 | 21:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Technicolor TC7200.20 devices allow remote attackers to cause a denial of service (networking outage) via a flood of random MAC addresses, as demonstrated by macof. NOTE: Technicolor denies that the described behavior is a vulnerability and states that Wi-Fi traffic is slowed or stopped only while the devices are exposed to a MAC flooding attack. This has been confirmed through testing against official up-to-date versions

Action-Not Available
Vendor-technicolorn/a
Product-tc7200.20tc7200.20_firmwaren/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-9059
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.69%
||
7 Day CHG~0.00%
Published-07 Jan, 2022 | 04:30
Updated-16 Sep, 2024 | 19:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible to uncontrolled resource consumption leading to battery exhaustion. As an example, the Schlage BE468 version 3.42 door lock is vulnerable and fails open at a low battery level.

Action-Not Available
Vendor-schlagesilabsSchlageSilicon Labs
Product-500_series_firmwarebe468BE468500 series
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2020-9060
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 17.40%
||
7 Day CHG~0.00%
Published-07 Jan, 2022 | 04:30
Updated-16 Sep, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Z-Wave devices based on Silicon Labs 500 series chipsets using S2, including but likely not limited to the ZooZ ZST10 version 6.04, ZooZ ZEN20 version 5.03, ZooZ ZEN25 version 5.03, Aeon Labs ZW090-A version 3.95, and Fibaro FGWPB-111 version 4.3, are susceptible to denial of service and resource exhaustion via malformed SECURITY NONCE GET, SECURITY NONCE GET 2, NO OPERATION, or NIF REQUEST messages.

Action-Not Available
Vendor-fibaroaeoteczoozsilabsFibaroAeon LabsZooZSilicon Labs
Product-zen25zst10500_series_firmwarezw090-azen20fgwpb-111ZEN25FGWPB-111ZW090-A500 seriesZEN20ZST10
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-346
Origin Validation Error
CVE-2018-16310
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.26% / 49.66%
||
7 Day CHG~0.00%
Published-06 Sep, 2018 | 23:00
Updated-27 Aug, 2024 | 21:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Technicolor TG588V V2 devices allow remote attackers to cause a denial of service (networking outage) via a flood of random MAC addresses, as demonstrated by macof. NOTE: this might overlap CVE-2018-15852 and CVE-2018-15907. NOTE: Technicolor denies that the described behavior is a vulnerability and states that Wi-Fi traffic is slowed or stopped only while the devices are exposed to a MAC flooding attack. This has been confirmed through testing against official up-to-date versions

Action-Not Available
Vendor-technicolorn/atechnicolor
Product-tg588vtg588v_firmwaren/atg588v
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-35233
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.10% / 28.45%
||
7 Day CHG~0.00%
Published-10 Mar, 2021 | 18:16
Updated-04 Aug, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TFTP server fails to handle multiple connections on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices, and allows external attackers to force device reboots by sending concurrent connections, aka a denial of service attack.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-jgs516pe_firmwaregs116e_firmwaregs116ejgs516pen/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-0029
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-5.7||MEDIUM
EPSS-0.15% / 36.63%
||
7 Day CHG~0.00%
Published-11 Jul, 2018 | 18:00
Updated-16 Sep, 2024 | 19:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: Kernel crash (vmcore) during broadcast storm after enabling 'monitor traffic interface fxp0'

While experiencing a broadcast storm, placing the fxp0 interface into promiscuous mode via the 'monitor traffic interface fxp0' can cause the system to crash and restart (vmcore). This issue only affects Junos OS 15.1 and later releases, and affects both single core and multi-core REs. Releases prior to Junos OS 15.1 are unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F6-S11, 15.1R4-S9, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D140; 15.1X53 versions prior to 15.1X53-D59 on EX2300/EX3400; 15.1X53 versions prior to 15.1X53-D67 on QFX10K; 15.1X53 versions prior to 15.1X53-D233 on QFX5200/QFX5110; 15.1X53 versions prior to 15.1X53-D471, 15.1X53-D490 on NFX; 16.1 versions prior to 16.1R3-S8, 16.1R5-S4, 16.1R6-S1, 16.1R7; 16.2 versions prior to 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R1-S7, 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S6, 17.2R2-S4, 17.2R3; 17.2X75 versions prior to 17.2X75-D90, 17.2X75-D110; 17.3 versions prior to 17.3R1-S4, 17.3R2; 17.4 versions prior to 17.4R1-S3, 17.4R2.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-qfx5200nfx250junosqfx5110ex3400ex2300Junos OS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-2681
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.44% / 62.38%
||
7 Day CHG~0.00%
Published-11 May, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rf685r_firmwaresinamics_g150simatic_s7-200_smartsimatic_et_200m_firmwareek-ertec_200_pn_iosinamics_g150_firmwaresinamics_g120\(c\/p\/d\)_pn_firmwaresimatic_rf680r_firmwaresimatic_cp_343-1_advsimatic_s7-300sitop_psu8600sinamics_g130simatic_rf650r_firmwaresinamics_v90_pnsimatic_et_200mp_firmwaresinumerik_840d_sl_firmwaresimatic_s7-1500_firmwaredk_standard_ethernet_controller_firmwaresimatic_cp_443-1_adv_firmwarescalance_x200sinamics_dcpscalance_w700scalance_s615_firmwaresimocode_pro_v_profinetsimatic_cm_1542sp-1simatic_s7-1200_firmwaresimatic_teleservice_adapter_ie_basic_modem_firmwaresimatic_rf680rsirius_motor_starter_m200d_profinet_firmwaresimatic_cp_443-1_stdsimatic_cp_1543sp-1_firmwaresimatic_teleservice_adapter_ie_advanced_modem_firmwaresimatic_et_200ecopnsinamics_g110msimatic_s7-1200sinamics_s110_pn_firmwaresimatic_cp_1542sp-1_irc_firmwaresimatic_cp_1243-1_dnp3_firmwaresimatic_s7-400simatic_teleservice_adapter_ie_advanced_modemsimatic_hmi_mobile_panelssimatic_cp_1243-1sinamics_v90_pn_firmwaresinumerik_828d_firmwaresimatic_winac_rtx_firmwaresimatic_s7-400_firmwaresimatic_cp_343-1_lean_firmwaresimatic_cp_1243-1_firmwareie\/pb-linkpn\/pn_coupler_firmwaresinamics_s150simotionsimatic_cp_1616_firmwaresimatic_et_200s_firmwaresimatic_cp_1543-1simatic_cp_1616ie\/as-i_link_pn_io_firmwarescalance_x300scalance_m-800_firmwaresimatic_hmi_multi_panelssirius_act_3su1simatic_cp_343-1_adv_firmwaresirius_soft_starter_3rw44_pn_firmwareie\/as-i_link_pn_iosimatic_cp_443-1_std_firmwarescalance_xm400scalance_m-800ek-ertec_200_pn_io_firmwaresinamics_s110_pnsimatic_et_200al_firmwaresimatic_cp_1243-1_ircscalance_w700_firmwaresinamics_g110m_firmwarescalance_x200_irt_firmwaresimatic_cp_1542sp-1_ircsimatic_et_200propn\/pn_couplersinamics_dcp_firmwaresimatic_teleservice_adapter_standard_modem_firmwaresimatic_cp_1543-1_firmwarescalance_x408simatic_hmi_comfort_panelssirius_act_3su1_firmwarescalance_x200_firmwaresinamics_dcm_firmwaresoftnet_profinet_io_firmwaresimatic_winac_rtxsimatic_cm_1542-1scalance_xm400_firmwaresimatic_tdc_cp51m1simatic_cp_343-1_stdsinamics_g120\(c\/p\/d\)_pnsimatic_cm_1542sp-1_firmwareups1600_profinet_firmwaresimatic_cp_1243-1_iec_firmwarescalance_xr500_firmwaresimatic_cp_1243-1_iecsimatic_rf685rsimatic_teleservice_adapter_ie_basic_modemsimatic_tdc_cpu555_firmwaredk_standard_ethernet_controllersimatic_et_200alsimatic_cp_443-1_opc-ua_firmwaresimatic_et_200sscalance_s615simatic_cp_1543sp-1simocode_pro_v_profinet_firmwaresimatic_s7-200_smart_firmwaresimatic_cp_443-1_advsinamics_dcmsimotion_firmwaresimatic_dk-16xx_pn_iosimatic_cp_1243-1_dnp3simatic_cp_443-1_opc-uasinumerik_840d_slsimatic_et_200ecopn_firmwaresimatic_cp_1243-1_irc_firmwaresimatic_dk-16xx_pn_io_firmwarescalance_x414_firmwaresimatic_et_200sp_firmwaresirius_motor_starter_m200d_profinetsimatic_s7-1500simatic_cp_1604scalance_xr500scalance_x414ie\/pb-link_firmwarescalance_x200_irtsimatic_et_200pro_firmwaresinumerik_828dsinamics_s120simatic_s7-1500_software_controllersoftnet_profinet_ioek-ertec_200p_pn_io_firmwaresimatic_cp_343-1_leansimatic_cp_1542sp-1sinamics_s120_firmwaresimatic_s7-300_firmwaresinamics_g130_firmwarescalance_x408_firmwaresimatic_teleservice_adapter_standard_modemsimatic_et_200mpsimatic_tdc_cpu555simatic_rf650rsitop_psu8600_firmwaresimatic_et_200spscalance_x300_firmwaresinamics_s150_firmwareek-ertec_200p_pn_iosimatic_et_200msimatic_cp_1604_firmwareups1600_profinetsimatic_tdc_cp51m1_firmwaresimatic_cp_343-1_std_firmwaresirius_soft_starter_3rw44_pnsimatic_cm_1542-1_firmwareSINAMICS S110 w. PNSIMATIC RF685RSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)SITOP UPS1600 PROFINET (incl. SIPLUS variants)SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12SIMATIC CP 443-1 OPC UASIMATIC CM 1542-1SCALANCE X408 familySIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIMATIC Teleservice Adapter IE StandardSIMATIC ET200ecoPN, 4AO U/I 4xM12SIMATIC ET 200SP IM 155-6 PN HFSINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIRIUS Motor Starter M200D PROFINETSIPLUS ET 200SP IM 155-6 PN HFSCALANCE X-200 family (incl. SIPLUS NET variants)SIMATIC CP 1543SP-1 (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN STSIMATIC MV440 HRSCALANCE X-200IRT family (incl. SIPLUS NET variants)SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN HSSIMATIC ET200ecoPN: IO-Link MasterSoftnet PROFINET IO for PC-based Windows systemsSIMOCODE pro V PROFINET (incl. SIPLUS variants)SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN BASIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSCALANCE W-700 IEEE 802.11n familySIPLUS ET 200SP IM 155-6 PN ST TX RAILSIMATIC Teleservice Adapter IE AdvancedSIMATIC MV420 SR-BSIMATIC ET 200SP IM 155-6 PN ST BASINAMICS G150 V4.7 w. PNSCALANCE XR-500 familySIMATIC ET 200MP IM 155-5 PN HFSIMATIC ET200ecoPN, 16DI, DC24V, 8xM12SIMATIC ET 200pro IM 154-4 PN HFSIRIUS Soft Starter 3RW44 PNSINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)SIMATIC CP 1604SIMATIC ET 200MP IM 155-5 PN STSIMATIC S7-1500 Software ControllerSIMATIC DK-16xx PN IOSIMATIC MV420 SR-PSINUMERIK 840D sl V4.7SIMATIC TDC CPU555SIMATIC ET200S (incl. SIPLUS variants)IE/AS-i Link PN IOSIMATIC ET200ecoPN, 8AI RTD/TC 8xM12SIMATIC CP 1243-1 (incl. SIPLUS variants)SINAMICS G110M w. PNSIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12SIMATIC CP 343-1 (incl. SIPLUS variants)SITOP PSU8600 PROFINETSIMATIC TDC CP51M1SIMATIC CM 1542SP-1IE/PB-Link (incl. SIPLUS NET variants)SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12SIMATIC WinAC RTX 2010SINUMERIK 828D V4.7SIMATIC ET 200MP IM 155-5 PN BASINUMERIK 828D V4.5 and priorSINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)SIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12SIMATIC CP 1616SINAMICS V90 w. PNDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSCALANCE X-300 family (incl. X408 and SIPLUS NET variants)SIPLUS ET 200SP IM 155-6 PN ST BASIMATIC ET 200pro IM 154-3 PN HFSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIMATIC S7-410 CPU family (incl. SIPLUS variants)SINAMICS DCM w. PNSIMATIC MV420 SR-B BodySINAMICS G130 V4.8 w. PNDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12SIMATIC RF650RDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSCALANCE M-800 family (incl. S615, MUM-800 and RM1224)SINUMERIK 840D sl V4.5 and priorSIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12SCALANCE XM-400 familySIMATIC Teleservice Adapter IE BasicSINAMICS DCP w. PNSINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12SIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMATIC MV420 SR-P BodySINAMICS S150 V4.8 w. PNSIMATIC ET 200M (incl. SIPLUS variants)SIMATIC CP 443-1 (incl. SIPLUS variants)SIMATIC MV440 SRSIMATIC S7-200 SMARTSIMATIC CP 1243-8 IRCSINAMICS G130 V4.7 w. PNSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN STSIMATIC WinAC RTX F 2010SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)SINAMICS S150 V4.7 w. PNSIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)SIMATIC ET 200AL IM 157-1 PNSIMATIC ET200ecoPN, 8DI, DC24V, 8xM12SIPLUS ET 200SP IM 155-6 PN STSIMATIC CP 1243-1 IEC (incl. SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN ST TX RAILSIMATIC MV440 URSIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)SIMATIC RF680RSIRIUS ACT 3SU1 interface module PROFINETSIPLUS ET 200MP IM 155-5 PN HFSIMATIC CP 343-1 Lean (incl. SIPLUS variants)SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)SCALANCE X414SINAMICS G150 V4.8 w. PNSIMATIC CP 1543-1 (incl. SIPLUS variants)SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)SIMOTION
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-2680
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-2.33% / 84.23%
||
7 Day CHG~0.00%
Published-11 May, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rf685r_firmwaresinamics_g150simatic_s7-200_smartsimatic_et_200m_firmwareextension_unit_15_profinet_firmwareek-ertec_200_pn_iosinamics_g150_firmwaresimatic_rf680r_firmwaresimatic_cp_343-1_advsimatic_s7-300sitop_psu8600sinamics_gh150simatic_dk-1604_pn_iosinamics_g130simatic_rf650r_firmwaresinamics_v90_pnsimatic_et_200mp_firmwaresimatic_s7-1500_software_controller_firmwaresinumerik_840d_sl_firmwaresimatic_s7-1500_firmwareextension_unit_19_profinet_firmwaredk_standard_ethernet_controller_firmwaresimatic_cp_443-1_adv_firmwarescalance_x200sinamics_gm150_firmwaresinamics_dcpscalance_w700scalance_s615_firmwaresimocode_pro_v_profinetsimatic_s7-1200_firmwaresimatic_rf680rsirius_motor_starter_m200d_profinet_firmwaresimatic_cp_443-1_stdsimatic_cp_1543sp-1_firmwaresimatic_et_200ecopnsinamics_g110m_s110_pnsimatic_s7-1200simatic_cp_1542sp-1_irc_firmwaresimatic_cp_1243-1_dnp3_firmwaresimatic_cp_1626_firmwareextension_unit_12_profinet_firmwaresinamics_g120\(c\/p\/d\)_w._pnsimatic_s7-400simatic_teleservice_adapter_ie_advanced_modemsimatic_hmi_mobile_panelssimatic_cp_1243-1sinamics_v90_pn_firmwaresinumerik_828d_firmwareextension_unit_22_profinetsimatic_winac_rtx_firmwaresimatic_s7-400_firmwareextension_unit_15_profinetsimatic_cp_343-1_lean_firmwaresimatic_cp_1243-1_firmwaresimatic_dk-1604_pn_io_firmwareie\/pb-linksimatic_dk-1616_pn_io_firmwarepn\/pn_coupler_firmwaresinamics_s150simotionsimatic_cp_1616_firmwaresimatic_et_200s_firmwaresimatic_cp_1543-1simatic_cp_1616ie\/as-i_link_pn_io_firmwarescalance_x300sinamics__s110_pn_firmwarescalance_m-800_firmwaresimatic_hmi_multi_panelssirius_act_3su1simatic_cp_343-1_adv_firmwaresirius_soft_starter_3rw44_pn_firmwaresimatic_dk-1616_pn_ioie\/as-i_link_pn_iosimatic_cp_443-1_std_firmwarescalance_xm400sinamics_sm120_firmwarescalance_m-800ek-ertec_200_pn_io_firmwaresimatic_teleservice_adapter_ie_basic_firmwaresimatic_et_200al_firmwaresinamics_sm120simatic_cp_1243-1_ircscalance_w700_firmwaresinamics_g110m_firmwarescalance_x200_irt_firmwaresimatic_cp_1542sp-1_ircsimatic_et_200propn\/pn_couplersinamics_sl150sinamics_dcp_firmwaresimatic_cp_1543-1_firmwareextension_unit_19_profinetscalance_x408simatic_hmi_comfort_panelssirius_act_3su1_firmwarescalance_x200_firmwaresinamics_dcm_firmwaresoftnet_profinet_io_firmwaresimatic_teleservice_adapter_ie_basicsimatic_winac_rtxsimatic_cm_1542-1scalance_xm400_firmwaresimatic_tdc_cp51m1simatic_cp_343-1_stdsimatic_cp_1243-8ups1600_profinet_firmwaresimatic_cp_1243-1_iec_firmwarescalance_xr500_firmwaresimatic_cp_1243-1_iecsimatic_rf685rsimatic_tdc_cpu555_firmwaresimatic_cp_1243-7_lte\/us_firmwaredk_standard_ethernet_controllerextension_unit_12_profinetsimatic_cp_1243-8_firmwaresimatic_et_200alsimatic_cp_443-1_opc-ua_firmwaresimatic_et_200sscalance_s615simatic_cp_1543sp-1simatic_teleservice_adapter_ie_standard_firmwaresinamics_gl150_firmwaresimocode_pro_v_profinet_firmwaresimatic_s7-200_smart_firmwaresinamics_gm150simatic_cp_443-1_advsimatic_cp_1243-7_lte\/ussinamics_dcmsimotion_firmwaresimatic_cp_1243-1_dnp3simatic_cp_443-1_opc-uasinumerik_840d_slsimatic_et_200ecopn_firmwaresimatic_cp_1243-1_irc_firmwarescalance_x414_firmwaresimatic_et_200sp_firmwaresirius_motor_starter_m200d_profinetsimatic_s7-1500simatic_cp_1604scalance_xr500scalance_x414ie\/pb-link_firmwarescalance_x200_irtsimatic_et_200pro_firmwaresinumerik_828dsinamics_gh150_firmwaresimatic_s7-1500_software_controllersinamics_s120simatic_cp_1242-7_gprs_firmwaresoftnet_profinet_ioek-ertec_200p_pn_io_firmwaresimatic_cp_343-1_leansimatic_cp_1542sp-1sinamics_s120_firmwaresimatic_s7-300_firmwareextension_unit_22_profinet_firmwaresinamics_g130_firmwarescalance_x408_firmwaresimatic_et_200mpsimatic_tdc_cpu555sinamics_g120\(c\/p\/d\)_w._pn_firmwaresimatic_rf650rsitop_psu8600_firmwaresimatic_et_200spsimatic_cp_1542sp-1_firmwarescalance_x300_firmwaresimatic_teleservice_adapter_ie_advanced_firmwaresimatic_cp_1242-7_gprssinamics_s150_firmwareek-ertec_200p_pn_iosimatic_teleservice_adapter_ie_standardsimatic_et_200msimatic_cp_1604_firmwareups1600_profinetsinamics_gl150simatic_cp_1626sinamics_sl150_firmwaresimatic_tdc_cp51m1_firmwaresimatic_cp_343-1_std_firmwaresirius_soft_starter_3rw44_pnsimatic_cm_1542-1_firmwareSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)SIMATIC CP 443-1 Advanced (incl. SIPLUS variants)SINAMICS SL150 V4.7.5 w. PROFINETSIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIMATIC Teleservice Adapter IE StandardSINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIRIUS Motor Starter M200D PROFINETSCALANCE X-200 family (incl. SIPLUS NET variants)SIMATIC CP 1543SP-1 (incl. SIPLUS variants)SIMATIC MV440 HRSINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)SIMATIC ET200ecoPN: IO-Link MasterSINAMICS SL150 V4.7.4 w. PROFINETSIMOCODE pro V PROFINET (incl. SIPLUS variants)SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSCALANCE W-700 IEEE 802.11n familySIPLUS ET 200SP IM 155-6 PN ST TX RAILSIMATIC Teleservice Adapter IE AdvancedSIMATIC CP 1626SIMATIC MV420 SR-BSCALANCE XR-500 familySIMATIC ET200ecoPN, 16DI, DC24V, 8xM12Extension Unit 19" PROFINETSIMATIC ET 200MP IM 155-5 PN STSIMATIC DK-16xx PN IOSIMATIC MV420 SR-PSINUMERIK 840D sl V4.7SIMATIC TDC CPU555SIMATIC TDC CP51M1IE/PB-Link (incl. SIPLUS NET variants)SIMATIC ET 200MP IM 155-5 PN BASINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)SIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSIPLUS ET 200SP IM 155-6 PN ST BASIMATIC ET 200pro IM 154-3 PN HFSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIMATIC S7-410 CPU family (incl. SIPLUS variants)SIMATIC MV420 SR-B BodyDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12SIMATIC RF650RSCALANCE XM-400 familySINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12SIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMATIC MV420 SR-P BodySINAMICS S150 V4.8 w. PNSIMATIC MV440 SRSIMATIC S7-200 SMARTSIMATIC CP 1243-8 IRCExtension Unit 22" PROFINETSIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (incl. SIPLUS variants)SINAMICS S150 V4.7 w. PNSIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)SINAMICS SM120 V4.7 w. PROFINETSIMATIC ET 200AL IM 157-1 PNSIMATIC ET200ecoPN, 8DI, DC24V, 8xM12SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN ST TX RAILSIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)SIMATIC RF680RSIMATIC CP 343-1 Lean (incl. SIPLUS variants)SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)SINAMICS GH150 V4.7 w. PROFINETSIMATIC CP 1543-1 (incl. SIPLUS variants)SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)SIMOTIONSINAMICS GL150 V4.7 w. PROFINETSINAMICS S110 w. PNSIMATIC RF685RSITOP UPS1600 PROFINET (incl. SIPLUS variants)SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12SIMATIC CP 443-1 OPC UASIMATIC CM 1542-1SCALANCE X408 familySIMATIC ET200ecoPN, 4AO U/I 4xM12SIMATIC ET 200SP IM 155-6 PN HFSIPLUS ET 200SP IM 155-6 PN HFSIMATIC ET 200SP IM 155-6 PN STSCALANCE X-200IRT family (incl. SIPLUS NET variants)SIMATIC ET 200SP IM 155-6 PN HSSIMATIC CP 1243-7 LTE USSoftnet PROFINET IO for PC-based Windows systemsSIMATIC CP 1242-7 V2 (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN BASINAMICS SL150 V4.7.0 w. PROFINETSIMATIC ET 200SP IM 155-6 PN ST BASINAMICS G150 V4.7 w. PNSIMATIC ET 200MP IM 155-5 PN HFSIMATIC ET 200pro IM 154-4 PN HFSIRIUS Soft Starter 3RW44 PNSINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)SIMATIC CP 1604SIMATIC S7-1500 Software ControllerSIMATIC ET200S (incl. SIPLUS variants)IE/AS-i Link PN IOSIMATIC ET200ecoPN, 8AI RTD/TC 8xM12SIMATIC CP 1243-1 (incl. SIPLUS variants)SINAMICS G110M w. PNSIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12SIMATIC CP 343-1 (incl. SIPLUS variants)SITOP PSU8600 PROFINETSIMATIC CM 1542SP-1SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12SIMATIC WinAC RTX 2010SINUMERIK 828D V4.7SINUMERIK 828D V4.5 and priorExtension Unit 12" PROFINETSIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants)SIMATIC CP 1616SINAMICS V90 w. PNSCALANCE X-300 family (incl. X408 and SIPLUS NET variants)SINAMICS DCM w. PNSINAMICS G130 V4.8 w. PNDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSCALANCE M-800 family (incl. S615, MUM-800 and RM1224)SINUMERIK 840D sl V4.5 and priorSIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12SIMATIC Teleservice Adapter IE BasicSINAMICS DCP w. PNSINAMICS GM150 V4.7 w. PROFINETSIMATIC ET 200M (incl. SIPLUS variants)Extension Unit 15" PROFINETSINAMICS G130 V4.7 w. PNSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN STSIMATIC WinAC RTX F 2010SIPLUS ET 200SP IM 155-6 PN STSIMATIC MV440 URSIRIUS ACT 3SU1 interface module PROFINETSIPLUS ET 200MP IM 155-5 PN HFSCALANCE X414SINAMICS G150 V4.8 w. PNSIMATIC CP 443-1 (incl. SIPLUS variants)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-27640
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.25% / 48.25%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 09:47
Updated-03 Aug, 2024 | 05:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CP 442-1 RNA (All versions < V1.5.18), SIMATIC CP 443-1 RNA (All versions < V1.5.18). The affected devices improperly handles excessive ARP broadcast requests. This could allow an attacker to create a denial of service condition by performing ARP storming attacks, which can cause the device to reboot.

Action-Not Available
Vendor-Siemens AG
Product-simatic_cp_443-1_rna_firmwaresimatic_cp_442-1_rnasimatic_cp_442-1_rna_firmwaresimatic_cp_443-1_rnaSIMATIC CP 442-1 RNASIMATIC CP 443-1 RNA
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-22191
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.20% / 42.32%
||
7 Day CHG~0.00%
Published-14 Apr, 2022 | 15:50
Updated-16 Sep, 2024 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: EX4300: PFE Denial of Service (DoS) upon receipt of a flood of specific ARP traffic

A Denial of Service (DoS) vulnerability in the processing of a flood of specific ARP traffic in Juniper Networks Junos OS on the EX4300 switch, sent from the local broadcast domain, may allow an unauthenticated network-adjacent attacker to trigger a PFEMAN watchdog timeout, causing the Packet Forwarding Engine (PFE) to crash and restart. After the restart, transit traffic will be temporarily interrupted until the PFE is reprogrammed. In a virtual chassis (VC), the impacted Flexible PIC Concentrator (FPC) may split from the VC temporarily, and join back into the VC once the PFE restarts. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on the EX4300: All versions prior to 15.1R7-S12; 18.4 versions prior to 18.4R2-S10, 18.4R3-S11; 19.1 versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R1-S9, 19.2R3-S4; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R2-S6, 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2-S1, 21.2R3; 21.3 versions prior to 21.3R1-S2, 21.3R2.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junosex4300Junos OS
CWE ID-CWE-410
Insufficient Resource Pool
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-44527
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-6.5||MEDIUM
EPSS-0.10% / 28.45%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 13:12
Updated-04 Aug, 2024 | 04:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability found in UniFi Switch firmware Version 5.43.35 and earlier allows a malicious actor who has already gained access to the network to perform a Deny of Service (DoS) attack on the affected switch.This vulnerability is fixed in UniFi Switch firmware 5.76.6 and later.

Action-Not Available
Vendor-n/aUbiquiti Inc.
Product-unifi_switch_firmwareUniFi Switches
CWE ID-CWE-400
Uncontrolled Resource Consumption
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found