Details of VAR-201706-0658

ID

VAR-201706-0658

CVE

CVE-2017-7903

TITLE

Rockwell Automation Allen-Bradley MicroLogix 1100 and 1400 Vulnerability related to cryptographic strength in the controller

Trust: 0.8

sources: JVNDB: JVNDB-2017-005259

DESCRIPTION

A Weak Password Requirements issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A and B, Version 16.00 and prior versions; and 1763-L16DWD, Series A and B, Version 16.00 and prior versions and Allen-Bradley MicroLogix 1400 programmable logic controllers 1766-L32AWA, Series A and B, Version 16.00 and prior versions; 1766-L32BWA, Series A and B, Version 16.00 and prior versions; 1766-L32BWAA, Series A and B, Version 16.00 and prior versions; 1766-L32BXB, Series A and B, Version 16.00 and prior versions; 1766-L32BXBA, Series A and B, Version 16.00 and prior versions; and 1766-L32AWAA, Series A and B, Version 16.00 and prior versions. The affected products use a numeric password with a small maximum character size for the password. Rockwell Automation Allen-Bradley MicroLogix 1100 and 1400 The controller contains a cryptographic strength vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Rockwell Automation Allen-Bradley MicroLogix 1100 1763-L16AWA Series A is a programmable logic controller (PLC) product from Rockwell Automation. Security vulnerabilities exist in several Rockwell Automation products. An attacker could exploit the vulnerability to gain unauthorized access to the affected device. Attackers may exploit these issues to bypass authentication mechanism, bypass security restrictions and perform unauthorized actions, gain sensitive information and cause denial-of-service conditions

Trust: 2.7

sources: NVD: CVE-2017-7903 // JVNDB: JVNDB-2017-005259 // CNVD: CNVD-2017-08710 // BID: 98630 // IVD: d8eaab08-91a4-49b0-87ae-dc64ea9581a3 // VULHUB: VHN-116106

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: d8eaab08-91a4-49b0-87ae-dc64ea9581a3 // CNVD: CNVD-2017-08710

AFFECTED PRODUCTS

vendor:	rockwellautomation	model:	1763-l16dwd series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16bwa series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bwa series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16bwa series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32awa series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bwa series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bxb series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bwaa series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16bbb series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16awa series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bxba series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bxb series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bwaa series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32awaa series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16dwd series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16bbb series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32awa series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32awaa series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1763-l16awa series b	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwellautomation	model:	1766-l32bxba series a	scope:	lte	version:	16.000	Trust: 1.0
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16awa series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16awa series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16bbb series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16bbb series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16bwa series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16bwa series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16dwd series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1100 1763-l16dwd series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32awa series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32awa series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32awaa series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32awaa series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bwa series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bwa series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bwaa series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bwaa series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bxb series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bxb series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bxba series a	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell automation	model:	allen-bradley micrologix 1400 1766-l32bxba series b	scope:	lte	version:	16.00	Trust: 0.8
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16awa	scope:	eq	version:	1100<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bbb	scope:	eq	version:	1100<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bwa	scope:	eq	version:	1100<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16dwd	scope:	eq	version:	1100<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awa	scope:	eq	version:	1400<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwa	scope:	eq	version:	1400<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwaa	scope:	eq	version:	1400<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxb	scope:	eq	version:	1400<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxba	scope:	eq	version:	1400<=16.00	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awaa	scope:	eq	version:	1400<=16.00	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bwaa series b	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bxb series b	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32awa series b	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bwa series b	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bwaa series a	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bxba series a	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bwa series a	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32awa series a	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bxb series a	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwellautomation	model:	1766-l32bxba series b	scope:	eq	version:	16.000	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxba series b	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxba series b	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxba series a	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxba series a	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxb series b	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxb series b	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxb series a	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxb series a	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwaa series b	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwaa series b	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwaa series a	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwaa series a	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwa series b	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwa series b	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwa series a	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwa series a	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awaa series b	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awaa series b	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awaa series a	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awaa series a	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awa series b	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awa series b	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awa series a	scope:	eq	version:	140016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awa series a	scope:	eq	version:	140015.004	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16dwd series b	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16dwd series b	scope:	eq	version:	110015.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16dwd series b	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16dwd series a	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16dwd series a	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bwa series b	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bwa series b	scope:	eq	version:	110015.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bwa series b	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bwa series a	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bwa series a	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bbb series b	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bbb series b	scope:	eq	version:	110015.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bbb series b	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bbb series a	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16bbb series a	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16awa series b	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16awa series b	scope:	eq	version:	110015.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16awa series b	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16awa series a	scope:	eq	version:	110016.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1763-l16awa series a	scope:	eq	version:	110014.000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxba series b	scope:	ne	version:	140021.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bxb series b	scope:	ne	version:	140021.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwaa series b	scope:	ne	version:	140021.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32bwa series b	scope:	ne	version:	140021.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awaa series b	scope:	ne	version:	140021.00	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley micrologix 1766-l32awa series b	scope:	ne	version:	140021.00	Trust: 0.3
vendor:	1763 l16awa series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16awa series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16bbb series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16bbb series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16bwa series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16bwa series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16dwd series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1763 l16dwd series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32awa series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32awa series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32awaa series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32awaa series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bwa series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bwa series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bwaa series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bwaa series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bxb series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bxb series b	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bxba series a	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	1766 l32bxba series b	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: d8eaab08-91a4-49b0-87ae-dc64ea9581a3 // CNVD: CNVD-2017-08710 // BID: 98630 // JVNDB: JVNDB-2017-005259 // CNNVD: CNNVD-201705-1236 // NVD: CVE-2017-7903

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-7903
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2017-7903
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2017-08710
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201705-1236
value:	MEDIUM
Trust: 0.6
IVD:	d8eaab08-91a4-49b0-87ae-dc64ea9581a3
value:	MEDIUM
Trust: 0.2
VULHUB:	VHN-116106
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-7903
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-08710
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	d8eaab08-91a4-49b0-87ae-dc64ea9581a3
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-116106
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-7903
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: IVD: d8eaab08-91a4-49b0-87ae-dc64ea9581a3 // CNVD: CNVD-2017-08710 // VULHUB: VHN-116106 // JVNDB: JVNDB-2017-005259 // CNNVD: CNNVD-201705-1236 // NVD: CVE-2017-7903

PROBLEMTYPE DATA

problemtype:	CWE-326	Trust: 1.9
problemtype:	CWE-521	Trust: 1.0

sources: VULHUB: VHN-116106 // JVNDB: JVNDB-2017-005259 // NVD: CVE-2017-7903

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201705-1236

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201705-1236

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-005259

PATCH

title:	Top Page	url:	http://www.rockwellautomation.com/	Trust: 0.8
title:	Patches for unknown Rockwell Automation products with unknown vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/94972	Trust: 0.6
title:	Multiple Rockwell Automation Product security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70578	Trust: 0.6

sources: CNVD: CNVD-2017-08710 // JVNDB: JVNDB-2017-005259 // CNNVD: CNNVD-201705-1236

EXTERNAL IDS

db:	NVD	id:	CVE-2017-7903	Trust: 3.6
db:	ICS CERT	id:	ICSA-17-115-04	Trust: 3.4
db:	BID	id:	98630	Trust: 1.5
db:	SECTRACK	id:	1038546	Trust: 1.1
db:	CNNVD	id:	CNNVD-201705-1236	Trust: 0.9
db:	CNVD	id:	CNVD-2017-08710	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-005259	Trust: 0.8
db:	NSFOCUS	id:	36798	Trust: 0.6
db:	IVD	id:	D8EAAB08-91A4-49B0-87AE-DC64EA9581A3	Trust: 0.2
db:	VULHUB	id:	VHN-116106	Trust: 0.1

sources: IVD: d8eaab08-91a4-49b0-87ae-dc64ea9581a3 // CNVD: CNVD-2017-08710 // VULHUB: VHN-116106 // BID: 98630 // JVNDB: JVNDB-2017-005259 // CNNVD: CNNVD-201705-1236 // NVD: CVE-2017-7903

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-17-115-04	Trust: 3.4
url:	http://www.securityfocus.com/bid/98630	Trust: 1.2
url:	http://www.securitytracker.com/id/1038546	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7903	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7903	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/36798	Trust: 0.6
url:	http://www.moxa.com/	Trust: 0.3

sources: CNVD: CNVD-2017-08710 // VULHUB: VHN-116106 // BID: 98630 // JVNDB: JVNDB-2017-005259 // CNNVD: CNNVD-201705-1236 // NVD: CVE-2017-7903

CREDITS

Maxim Rupp

Trust: 0.9

sources: BID: 98630 // CNNVD: CNNVD-201705-1236

SOURCES

db:	IVD	id:	d8eaab08-91a4-49b0-87ae-dc64ea9581a3
db:	CNVD	id:	CNVD-2017-08710
db:	VULHUB	id:	VHN-116106
db:	BID	id:	98630
db:	JVNDB	id:	JVNDB-2017-005259
db:	CNNVD	id:	CNNVD-201705-1236
db:	NVD	id:	CVE-2017-7903

LAST UPDATE DATE

2025-04-20T23:26:04.295000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-08710	date:	2017-06-08T00:00:00
db:	VULHUB	id:	VHN-116106	date:	2017-07-08T00:00:00
db:	BID	id:	98630	date:	2017-05-23T00:00:00
db:	JVNDB	id:	JVNDB-2017-005259	date:	2017-07-25T00:00:00
db:	CNNVD	id:	CNNVD-201705-1236	date:	2017-07-03T00:00:00
db:	NVD	id:	CVE-2017-7903	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	IVD	id:	d8eaab08-91a4-49b0-87ae-dc64ea9581a3	date:	2017-06-08T00:00:00
db:	CNVD	id:	CNVD-2017-08710	date:	2017-06-08T00:00:00
db:	VULHUB	id:	VHN-116106	date:	2017-06-30T00:00:00
db:	BID	id:	98630	date:	2017-05-23T00:00:00
db:	JVNDB	id:	JVNDB-2017-005259	date:	2017-07-25T00:00:00
db:	CNNVD	id:	CNNVD-201705-1236	date:	2017-05-23T00:00:00
db:	NVD	id:	CVE-2017-7903	date:	2017-06-30T03:29:00.860