Details of VAR-201608-0415

ID

VAR-201608-0415

TITLE

Omron CP1H web Service Buffer Overflow Vulnerability

Trust: 0.8

sources: IVD: 2d27e017-3904-4d39-95cb-c0894b149b85 // CNVD: CNVD-2016-06362

DESCRIPTION

CP1H is a mainstream PLC of Omron. Its Ethernet port opens web services and supports http protocol communication. You can access and set device configuration information by logging in to the web server. In the HTTP message sent to CP1H, if it is a Connect request, a buffer overflow vulnerability exists when a malformed string is injected after the Request field. Allowing an attacker to exploit this vulnerability results in a denial of service

Trust: 0.72

sources: CNVD: CNVD-2016-06362 // IVD: 2d27e017-3904-4d39-95cb-c0894b149b85

IOT TAXONOMY

category:	['ICS', 'Network device']	sub_category:	-	Trust: 0.6
category:	['ICS']	sub_category:	-	Trust: 0.2

sources: IVD: 2d27e017-3904-4d39-95cb-c0894b149b85 // CNVD: CNVD-2016-06362

AFFECTED PRODUCTS

vendor:	omron	model:	cp1h plc	scope:	-	version:	-	Trust: 0.6
vendor:	omron	model:	cp1h plc	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 2d27e017-3904-4d39-95cb-c0894b149b85 // CNVD: CNVD-2016-06362

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2016-06362
value:	HIGH
Trust: 0.6
IVD:	2d27e017-3904-4d39-95cb-c0894b149b85
value:	HIGH
Trust: 0.2

CNVD:	CNVD-2016-06362
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	7.8
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	2d27e017-3904-4d39-95cb-c0894b149b85
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	7.8
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

sources: IVD: 2d27e017-3904-4d39-95cb-c0894b149b85 // CNVD: CNVD-2016-06362

TYPE

Buffer overflow

Trust: 0.2

sources: IVD: 2d27e017-3904-4d39-95cb-c0894b149b85

EXTERNAL IDS

db:	CNVD	id:	CNVD-2016-06362	Trust: 0.8
db:	IVD	id:	2D27E017-3904-4D39-95CB-C0894B149B85	Trust: 0.2

sources: IVD: 2d27e017-3904-4d39-95cb-c0894b149b85 // CNVD: CNVD-2016-06362

SOURCES

db:	IVD	id:	2d27e017-3904-4d39-95cb-c0894b149b85
db:	CNVD	id:	CNVD-2016-06362

LAST UPDATE DATE

2022-05-17T02:01:06.362000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2016-06362

date:

2016-08-16T00:00:00

SOURCES RELEASE DATE

db:	IVD	id:	2d27e017-3904-4d39-95cb-c0894b149b85	date:	2016-08-16T00:00:00
db:	CNVD	id:	CNVD-2016-06362	date:	2016-09-27T00:00:00