Details of VAR-201706-0656

ID

VAR-201706-0656

CVE

CVE-2017-7901

TITLE

plural Rockwell Automation Allen-Bradley MicroLogix 1100 and 1400 Vulnerability related to insufficient random value in controller

Trust: 0.8

sources: JVNDB: JVNDB-2017-005285

DESCRIPTION

A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A and B, Version 16.00 and prior versions; and 1763-L16DWD, Series A and B, Version 16.00 and prior versions and Allen-Bradley MicroLogix 1400 programmable logic controllers 1766-L32AWA, Series A and B, Version 16.00 and prior versions; 1766-L32BWA, Series A and B, Version 16.00 and prior versions; 1766-L32BWAA, Series A and B, Version 16.00 and prior versions; 1766-L32BXB, Series A and B, Version 16.00 and prior versions; 1766-L32BXBA, Series A and B, Version 16.00 and prior versions; and 1766-L32AWAA, Series A and B, Version 16.00 and prior versions. Insufficiently random TCP initial sequence numbers are generated, which may allow an attacker to predict the numbers from previous values. This may allow an attacker to spoof or disrupt TCP connections, resulting in a denial of service for the target device. plural Rockwell Automation Allen-Bradley MicroLogix 1100 and 1400 The controller contains a vulnerability related to the use of insufficient random values.By the attacker, TCP Impaired service operation by spoofing or interrupting connection (DoS) There is a possibility of being put into a state. Rockwell Automation Allen-Bradley MicroLogix 1100 1763-L16AWA Series A is a programmable logic controller (PLC) product from Rockwell Automation. An attacker could exploit the vulnerability to cause a denial of service. Attackers may exploit these issues to bypass authentication mechanism, bypass security restrictions and perform unauthorized actions, gain sensitive information and cause denial-of-service conditions

Trust: 2.7

sources: NVD: CVE-2017-7901 // JVNDB: JVNDB-2017-005285 // CNVD: CNVD-2017-08714 // BID: 98630 // IVD: 5fd06eb4-267d-4a08-8ef1-7a61d9396f11 // VULHUB: VHN-116104

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 5fd06eb4-267d-4a08-8ef1-7a61d9396f11 // CNVD: CNVD-2017-08714

AFFECTED PRODUCTS

vendor:	rockwellautomation	model:	1763-l16dwd series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16bwa series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bwa series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16bwa series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32awa series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bwa series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bxb series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bwaa series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16bbb series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16awa series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bxba series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bxb series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bwaa series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32awaa series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16dwd series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16bbb series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32awa series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32awaa series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16awa series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bxba series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16awa series a	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16awa series b	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16bbb series a	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16bbb series b	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16bwa series a	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16bwa series b	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16dwd series a	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16dwd series b	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32awa series a	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32awa series b	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32awaa series a	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32awaa series b	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bwa series a	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bwa series b	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bwaa series a	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bwaa series b	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bxb series a	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bxb series b	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bxba series a	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bxba series b	scope:	lte	version:	16.000	Trust: 0.8
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16awa	scope:	eq	version:	1100<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bbb	scope:	eq	version:	1100<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bwa	scope:	eq	version:	1100<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16dwd	scope:	eq	version:	1100<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awa	scope:	eq	version:	1400<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwa	scope:	eq	version:	1400<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwaa	scope:	eq	version:	1400<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxb	scope:	eq	version:	1400<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxba	scope:	eq	version:	1400<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awaa	scope:	eq	version:	1400<=16.00	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bwaa series b	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1763-l16dwd series b	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bxb series b	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32awa series b	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bwa series b	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bwaa series a	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bwa series a	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1763-l16bwa series a	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32awa series a	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bxb series a	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxba series b	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxba series b	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxba series a	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxba series a	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxb series b	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxb series b	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxb series a	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxb series a	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwaa series b	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwaa series b	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwaa series a	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwaa series a	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwa series b	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwa series b	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwa series a	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwa series a	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awaa series b	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awaa series b	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awaa series a	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awaa series a	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awa series b	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awa series b	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awa series a	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awa series a	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16dwd series b	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16dwd series b	scope:	eq	version:	110015.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16dwd series b	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16dwd series a	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16dwd series a	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bwa series b	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bwa series b	scope:	eq	version:	110015.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bwa series b	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bwa series a	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bwa series a	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bbb series b	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bbb series b	scope:	eq	version:	110015.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bbb series b	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bbb series a	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bbb series a	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16awa series b	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16awa series b	scope:	eq	version:	110015.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16awa series b	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16awa series a	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16awa series a	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxba series b	scope:	ne	version:	140021.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxb series b	scope:	ne	version:	140021.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwaa series b	scope:	ne	version:	140021.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwa series b	scope:	ne	version:	140021.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awaa series b	scope:	ne	version:	140021.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awa series b	scope:	ne	version:	140021.00	Trust: 0.3
vendor:	1763 l16awa series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16awa series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16bbb series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16bbb series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16bwa series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16bwa series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16dwd series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16dwd series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32awa series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32awa series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32awaa series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32awaa series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bwa series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bwa series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bwaa series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bwaa series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bxb series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bxb series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bxba series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bxba series b	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 5fd06eb4-267d-4a08-8ef1-7a61d9396f11 // CNVD: CNVD-2017-08714 // BID: 98630 // JVNDB: JVNDB-2017-005285 // CNNVD: CNNVD-201705-1232 // NVD: CVE-2017-7901

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-7901
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-7901
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2017-08714
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201705-1232
value:	CRITICAL
Trust: 0.6
IVD:	5fd06eb4-267d-4a08-8ef1-7a61d9396f11
value:	CRITICAL
Trust: 0.2
VULHUB:	VHN-116104
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-7901
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	8.5
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-08714
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:H/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	4.9
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	5fd06eb4-267d-4a08-8ef1-7a61d9396f11
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:H/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	4.9
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-116104
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	8.5
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-7901
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.7
version:	3.0
Trust: 1.8

sources: IVD: 5fd06eb4-267d-4a08-8ef1-7a61d9396f11 // CNVD: CNVD-2017-08714 // VULHUB: VHN-116104 // JVNDB: JVNDB-2017-005285 // CNNVD: CNNVD-201705-1232 // NVD: CVE-2017-7901

PROBLEMTYPE DATA

problemtype:	CWE-330	Trust: 1.9
problemtype:	CWE-343	Trust: 1.0

sources: VULHUB: VHN-116104 // JVNDB: JVNDB-2017-005285 // NVD: CVE-2017-7901

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201705-1232

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201705-1232

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-005285

PATCH

title:	MicroLogix 1100コントローラ	url:	http://ab.rockwellautomation.com/ja/Programmable-Controllers/MicroLogix-1100	Trust: 0.8
title:	MicroLogix 1400コントローラ	url:	http://ab.rockwellautomation.com/ja/Programmable-Controllers/MicroLogix-1400	Trust: 0.8
title:	A number of Rockwell Automation products have unexplained patches (CNVD-2017-08714)	url:	https://www.cnvd.org.cn/patchInfo/show/94977	Trust: 0.6
title:	Multiple Rockwell Automation Product security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70551	Trust: 0.6

sources: CNVD: CNVD-2017-08714 // JVNDB: JVNDB-2017-005285 // CNNVD: CNNVD-201705-1232

EXTERNAL IDS

db:	NVD	id:	CVE-2017-7901	Trust: 3.6
db:	ICS CERT	id:	ICSA-17-115-04	Trust: 2.8
db:	BID	id:	98630	Trust: 1.5
db:	SECTRACK	id:	1038546	Trust: 1.1
db:	CNNVD	id:	CNNVD-201705-1232	Trust: 0.9
db:	CNVD	id:	CNVD-2017-08714	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-005285	Trust: 0.8
db:	NSFOCUS	id:	36798	Trust: 0.6
db:	IVD	id:	5FD06EB4-267D-4A08-8EF1-7A61D9396F11	Trust: 0.2
db:	VULHUB	id:	VHN-116104	Trust: 0.1

sources: IVD: 5fd06eb4-267d-4a08-8ef1-7a61d9396f11 // CNVD: CNVD-2017-08714 // VULHUB: VHN-116104 // BID: 98630 // JVNDB: JVNDB-2017-005285 // CNNVD: CNNVD-201705-1232 // NVD: CVE-2017-7901

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-17-115-04	Trust: 2.8
url:	http://www.securityfocus.com/bid/98630	Trust: 1.2
url:	http://www.securitytracker.com/id/1038546	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7901	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7901	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/36798	Trust: 0.6
url:	http://www.moxa.com/	Trust: 0.3

sources: CNVD: CNVD-2017-08714 // VULHUB: VHN-116104 // BID: 98630 // JVNDB: JVNDB-2017-005285 // CNNVD: CNNVD-201705-1232 // NVD: CVE-2017-7901

CREDITS

Maxim Rupp

Trust: 0.9

sources: BID: 98630 // CNNVD: CNNVD-201705-1232

SOURCES

db:	IVD	id:	5fd06eb4-267d-4a08-8ef1-7a61d9396f11
db:	CNVD	id:	CNVD-2017-08714
db:	VULHUB	id:	VHN-116104
db:	BID	id:	98630
db:	JVNDB	id:	JVNDB-2017-005285
db:	CNNVD	id:	CNNVD-201705-1232
db:	NVD	id:	CVE-2017-7901

LAST UPDATE DATE

2025-04-20T23:26:04.381000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-08714	date:	2017-06-08T00:00:00
db:	VULHUB	id:	VHN-116104	date:	2017-07-08T00:00:00
db:	BID	id:	98630	date:	2017-05-23T00:00:00
db:	JVNDB	id:	JVNDB-2017-005285	date:	2017-07-25T00:00:00
db:	CNNVD	id:	CNNVD-201705-1232	date:	2017-07-03T00:00:00
db:	NVD	id:	CVE-2017-7901	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	IVD	id:	5fd06eb4-267d-4a08-8ef1-7a61d9396f11	date:	2017-06-08T00:00:00
db:	CNVD	id:	CNVD-2017-08714	date:	2017-06-08T00:00:00
db:	VULHUB	id:	VHN-116104	date:	2017-06-30T00:00:00
db:	BID	id:	98630	date:	2017-05-23T00:00:00
db:	JVNDB	id:	JVNDB-2017-005285	date:	2017-07-25T00:00:00
db:	CNNVD	id:	CNNVD-201705-1232	date:	2017-05-23T00:00:00
db:	NVD	id:	CVE-2017-7901	date:	2017-06-30T03:29:00.797