Details of VAR-201706-0657

ID

VAR-201706-0657

CVE

CVE-2017-7902

TITLE

Rockwell Automation Allen-Bradley MicroLogix 1100 and 1400 Cryptographic vulnerability in the controller

Trust: 0.8

sources: JVNDB: JVNDB-2017-005258

DESCRIPTION

A "Reusing a Nonce, Key Pair in Encryption" issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A and B, Version 16.00 and prior versions; and 1763-L16DWD, Series A and B, Version 16.00 and prior versions and Allen-Bradley MicroLogix 1400 programmable logic controllers 1766-L32AWA, Series A and B, Version 16.00 and prior versions; 1766-L32BWA, Series A and B, Version 16.00 and prior versions; 1766-L32BWAA, Series A and B, Version 16.00 and prior versions; 1766-L32BXB, Series A and B, Version 16.00 and prior versions; 1766-L32BXBA, Series A and B, Version 16.00 and prior versions; and 1766-L32AWAA, Series A and B, Version 16.00 and prior versions. The affected product reuses nonces, which may allow an attacker to capture and replay a valid request until the nonce is changed. Rockwell Automation Allen-Bradley MicroLogix 1100 and 1400 The controller contains a cryptographic vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Rockwell Automation Allen-Bradley MicroLogix 1100 1763-L16AWA Series A is a programmable logic controller (PLC) product from Rockwell Automation. Security vulnerabilities exist in several Rockwell Automation products. An attacker could exploit this vulnerability to capture and respond to valid requests. Attackers may exploit these issues to bypass authentication mechanism, bypass security restrictions and perform unauthorized actions, gain sensitive information and cause denial-of-service conditions

Trust: 2.7

sources: NVD: CVE-2017-7902 // JVNDB: JVNDB-2017-005258 // CNVD: CNVD-2017-08713 // BID: 98630 // IVD: 39a0941d-3488-4dbf-908a-9e36af02ceef // VULHUB: VHN-116105

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 39a0941d-3488-4dbf-908a-9e36af02ceef // CNVD: CNVD-2017-08713

AFFECTED PRODUCTS

vendor:	rockwellautomation	model:	1763-l16dwd series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16bwa series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bwa series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16bwa series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32awa series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bwa series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bxb series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bwaa series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16bbb series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16awa series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bxba series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bxb series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bwaa series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32awaa series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16dwd series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16bbb series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32awa series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32awaa series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16awa series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bxba series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16awa series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16awa series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16bbb series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16bbb series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16bwa series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16bwa series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16dwd series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16dwd series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32awa series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32awa series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32awaa series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32awaa series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bwa series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bwa series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bwaa series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bwaa series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bxb series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bxb series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bxba series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bxba series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16awa	scope:	eq	version:	1100<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bbb	scope:	eq	version:	1100<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bwa	scope:	eq	version:	1100<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16dwd	scope:	eq	version:	1100<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awa	scope:	eq	version:	1400<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwa	scope:	eq	version:	1400<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwaa	scope:	eq	version:	1400<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxb	scope:	eq	version:	1400<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxba	scope:	eq	version:	1400<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awaa	scope:	eq	version:	1400<=16.00	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bwaa series b	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bxb series b	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32awa series b	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bwa series b	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bwaa series a	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bxba series a	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bwa series a	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32awa series a	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bxb series a	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bxba series b	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxba series b	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxba series b	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxba series a	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxba series a	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxb series b	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxb series b	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxb series a	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxb series a	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwaa series b	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwaa series b	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwaa series a	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwaa series a	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwa series b	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwa series b	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwa series a	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwa series a	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awaa series b	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awaa series b	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awaa series a	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awaa series a	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awa series b	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awa series b	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awa series a	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awa series a	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16dwd series b	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16dwd series b	scope:	eq	version:	110015.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16dwd series b	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16dwd series a	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16dwd series a	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bwa series b	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bwa series b	scope:	eq	version:	110015.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bwa series b	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bwa series a	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bwa series a	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bbb series b	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bbb series b	scope:	eq	version:	110015.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bbb series b	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bbb series a	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bbb series a	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16awa series b	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16awa series b	scope:	eq	version:	110015.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16awa series b	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16awa series a	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16awa series a	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxba series b	scope:	ne	version:	140021.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxb series b	scope:	ne	version:	140021.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwaa series b	scope:	ne	version:	140021.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwa series b	scope:	ne	version:	140021.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awaa series b	scope:	ne	version:	140021.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awa series b	scope:	ne	version:	140021.00	Trust: 0.3
vendor:	1763 l16awa series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16awa series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16bbb series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16bbb series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16bwa series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16bwa series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16dwd series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16dwd series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32awa series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32awa series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32awaa series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32awaa series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bwa series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bwa series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bwaa series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bwaa series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bxb series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bxb series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bxba series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bxba series b	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 39a0941d-3488-4dbf-908a-9e36af02ceef // CNVD: CNVD-2017-08713 // BID: 98630 // JVNDB: JVNDB-2017-005258 // CNNVD: CNNVD-201705-1233 // NVD: CVE-2017-7902

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-7902
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2017-7902
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2017-08713
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201705-1233
value:	CRITICAL
Trust: 0.6
IVD:	39a0941d-3488-4dbf-908a-9e36af02ceef
value:	CRITICAL
Trust: 0.2
VULHUB:	VHN-116105
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-7902
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-08713
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	39a0941d-3488-4dbf-908a-9e36af02ceef
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-116105
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-7902
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: IVD: 39a0941d-3488-4dbf-908a-9e36af02ceef // CNVD: CNVD-2017-08713 // VULHUB: VHN-116105 // JVNDB: JVNDB-2017-005258 // CNNVD: CNNVD-201705-1233 // NVD: CVE-2017-7902

PROBLEMTYPE DATA

problemtype:	CWE-330	Trust: 1.1
problemtype:	CWE-323	Trust: 1.0
problemtype:	CWE-310	Trust: 0.9

sources: VULHUB: VHN-116105 // JVNDB: JVNDB-2017-005258 // NVD: CVE-2017-7902

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201705-1233

TYPE

security feature problem

Trust: 0.6

sources: CNNVD: CNNVD-201705-1233

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-005258

PATCH

title:	Top Page	url:	http://www.rockwellautomation.com/	Trust: 0.8
title:	Patches for Unknown Vulnerabilities (CNVD-2017-08713) for Multiple Rockwell Automation Products	url:	https://www.cnvd.org.cn/patchInfo/show/94975	Trust: 0.6
title:	Multiple Rockwell Automation Product security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70575	Trust: 0.6

sources: CNVD: CNVD-2017-08713 // JVNDB: JVNDB-2017-005258 // CNNVD: CNNVD-201705-1233

EXTERNAL IDS

db:	NVD	id:	CVE-2017-7902	Trust: 3.6
db:	ICS CERT	id:	ICSA-17-115-04	Trust: 3.4
db:	SECTRACK	id:	1038546	Trust: 1.7
db:	CNNVD	id:	CNNVD-201705-1233	Trust: 0.9
db:	BID	id:	98630	Trust: 0.9
db:	CNVD	id:	CNVD-2017-08713	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-005258	Trust: 0.8
db:	IVD	id:	39A0941D-3488-4DBF-908A-9E36AF02CEEF	Trust: 0.2
db:	VULHUB	id:	VHN-116105	Trust: 0.1

sources: IVD: 39a0941d-3488-4dbf-908a-9e36af02ceef // CNVD: CNVD-2017-08713 // VULHUB: VHN-116105 // BID: 98630 // JVNDB: JVNDB-2017-005258 // CNNVD: CNNVD-201705-1233 // NVD: CVE-2017-7902

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-17-115-04	Trust: 3.4
url:	http://www.securitytracker.com/id/1038546	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7902	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7902	Trust: 0.8
url:	http://www.securityfocus.com/bid/98630	Trust: 0.6
url:	http://www.moxa.com/	Trust: 0.3

sources: CNVD: CNVD-2017-08713 // VULHUB: VHN-116105 // BID: 98630 // JVNDB: JVNDB-2017-005258 // CNNVD: CNNVD-201705-1233 // NVD: CVE-2017-7902

CREDITS

Maxim Rupp

Trust: 0.9

sources: BID: 98630 // CNNVD: CNNVD-201705-1233

SOURCES

db:	IVD	id:	39a0941d-3488-4dbf-908a-9e36af02ceef
db:	CNVD	id:	CNVD-2017-08713
db:	VULHUB	id:	VHN-116105
db:	BID	id:	98630
db:	JVNDB	id:	JVNDB-2017-005258
db:	CNNVD	id:	CNNVD-201705-1233
db:	NVD	id:	CVE-2017-7902

LAST UPDATE DATE

2025-04-20T23:26:04.466000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-08713	date:	2017-06-08T00:00:00
db:	VULHUB	id:	VHN-116105	date:	2019-10-09T00:00:00
db:	BID	id:	98630	date:	2017-05-23T00:00:00
db:	JVNDB	id:	JVNDB-2017-005258	date:	2017-07-25T00:00:00
db:	CNNVD	id:	CNNVD-201705-1233	date:	2019-10-08T00:00:00
db:	NVD	id:	CVE-2017-7902	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	IVD	id:	39a0941d-3488-4dbf-908a-9e36af02ceef	date:	2017-06-08T00:00:00
db:	CNVD	id:	CNVD-2017-08713	date:	2017-06-08T00:00:00
db:	VULHUB	id:	VHN-116105	date:	2017-06-30T00:00:00
db:	BID	id:	98630	date:	2017-05-23T00:00:00
db:	JVNDB	id:	JVNDB-2017-005258	date:	2017-07-25T00:00:00
db:	CNNVD	id:	CNNVD-201705-1233	date:	2017-05-23T00:00:00
db:	NVD	id:	CVE-2017-7902	date:	2017-06-30T03:29:00.827