Details of VAR-201606-0551

ID

VAR-201606-0551

TITLE

AB CompactLogix 5000 Series Controller CIP Protocol Denial of Service Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2016-03123

DESCRIPTION

The AB CompactLogix 5000 series is a controller for Logix solutions for low-end to mid-range applications. The CIP communication protocol of the AB CompactLogix 5000 series controller has vulnerabilities. After the vulnerability is successfully exploited, the target device cannot normally respond to some CIP function code requests. All Ethernet monitoring data collection or control instruction distribution that relies on these function codes will fail. Normal work seriously affects on-site production.

Trust: 0.6

sources: CNVD: CNVD-2016-03123

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-03123

AFFECTED PRODUCTS

vendor:

american

model:

ab compactlogix 1769-l30er

scope:

version:

5000

Trust: 0.6

sources: CNVD: CNVD-2016-03123

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2016-03123
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2016-03123
severity:	MEDIUM
baseScore:	4.9
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2016-03123

EXTERNAL IDS

db:

CNVD

id:

CNVD-2016-03123

Trust: 0.6

sources: CNVD: CNVD-2016-03123

SOURCES

db:

CNVD

id:

CNVD-2016-03123

LAST UPDATE DATE

2022-05-04T10:27:03.721000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2016-03123

date:

2016-12-26T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2016-03123

date:

2016-06-07T00:00:00