Details of VAR-201610-0690

ID

VAR-201610-0690

TITLE

Nanjing Shuntang Industrial Control Configuration Software QTouch Remote Denial of Service Vulnerability

Trust: 0.8

sources: IVD: 2e130ef0-a305-4871-95d8-8c6cf89e026b // CNVD: CNVD-2016-09758

DESCRIPTION

Nanjing Shuntang Industrial Control Configuration Software QTouch is the leader and leader in the second generation of domestic configuration software, spanning multiple operating systems and multiple CPU platforms. There is a remote denial of service vulnerability in Nanjing Shuntang Industrial Control Configuration Software QTouch. A remote attacker could use this vulnerability to execute arbitrary code or cause a denial of service. CPU platform

Trust: 0.72

sources: CNVD: CNVD-2016-09758 // IVD: 2e130ef0-a305-4871-95d8-8c6cf89e026b

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 2e130ef0-a305-4871-95d8-8c6cf89e026b // CNVD: CNVD-2016-09758

AFFECTED PRODUCTS

vendor:

shuntang

model:

qtouch dynamic software

scope:

version:

2.1.5

Trust: 0.8

sources: IVD: 2e130ef0-a305-4871-95d8-8c6cf89e026b // CNVD: CNVD-2016-09758

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2016-09758
value:	MEDIUM
Trust: 0.6
IVD:	2e130ef0-a305-4871-95d8-8c6cf89e026b
value:	MEDIUM
Trust: 0.2

CNVD:	CNVD-2016-09758
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	2e130ef0-a305-4871-95d8-8c6cf89e026b
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

sources: IVD: 2e130ef0-a305-4871-95d8-8c6cf89e026b // CNVD: CNVD-2016-09758

TYPE

Denial of service

Trust: 0.2

sources: IVD: 2e130ef0-a305-4871-95d8-8c6cf89e026b

PATCH

title:

Remote Denial of Service Vulnerability in Nanjing Shuntang Industrial Control Configuration Software QTouch

url:

https://www.cnvd.org.cn/patchinfo/show/80615

Trust: 0.6

sources: CNVD: CNVD-2016-09758

EXTERNAL IDS

db:	CNVD	id:	CNVD-2016-09758	Trust: 0.8
db:	IVD	id:	2E130EF0-A305-4871-95D8-8C6CF89E026B	Trust: 0.2

sources: IVD: 2e130ef0-a305-4871-95d8-8c6cf89e026b // CNVD: CNVD-2016-09758

SOURCES

db:	IVD	id:	2e130ef0-a305-4871-95d8-8c6cf89e026b
db:	CNVD	id:	CNVD-2016-09758

LAST UPDATE DATE

2022-05-17T02:03:18.192000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2016-09758

date:

2016-10-21T00:00:00

SOURCES RELEASE DATE

db:	IVD	id:	2e130ef0-a305-4871-95d8-8c6cf89e026b	date:	2016-10-21T00:00:00
db:	CNVD	id:	CNVD-2016-09758	date:	2016-10-05T00:00:00