Sign-up

ID

VAR-201711-0697


CVE

CVE-2017-11401


TITLE

Belden Hirschmann Tofino Xenon Security Appliance Data processing vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-010595

DESCRIPTION

An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Improper handling of the mbap.length field of ModBus packets in the ModBus DPI filter allows an attacker to send malformed/crafted packets to a protected asset, bypassing function code filtering. Belden Hirschmann Tofino Xenon Security Appliance Contains a data processing vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ModBus DPI filter is one of the filters. The vulnerability stems from the fact that the program does not correctly process the mbap.length field of ModBus packets

Trust: 1.71

sources: NVD: CVE-2017-11401 // JVNDB: JVNDB-2017-010595 // VULHUB: VHN-101820

AFFECTED PRODUCTS

vendor:beldenmodel:tofino xenon security appliancescope:lteversion:3.1.0

Trust: 1.0

vendor:beldenmodel:tofino xenonscope:ltversion:03.2.00

Trust: 0.8

vendor:beldenmodel:tofino xenon security appliancescope:eqversion:3.1.0

Trust: 0.6

sources: JVNDB: JVNDB-2017-010595 // CNNVD: CNNVD-201707-666 // NVD: CVE-2017-11401

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-11401
value: CRITICAL

Trust: 1.0

NVD: CVE-2017-11401
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201707-666
value: CRITICAL

Trust: 0.6

VULHUB: VHN-101820
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-11401
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-101820
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-11401
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-101820 // JVNDB: JVNDB-2017-010595 // CNNVD: CNNVD-201707-666 // NVD: CVE-2017-11401

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-19

Trust: 0.9

sources: VULHUB: VHN-101820 // JVNDB: JVNDB-2017-010595 // NVD: CVE-2017-11401

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201707-666

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201707-666

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-010595

PATCH
title:BSECV-2017-14url:https://www.belden.com/hubfs/support/security/bulletins/Belden-Security-Bulletin-BSECV-2017-14-1v1-1.pdf
Trust: 0.8
title:Belden Hirschmann Tofino Xenon Security Appliance ModBus DPI Repair measures for filter security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99932
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2017-010595 // 
            
            
            
            CNNVD: CNNVD-201707-666

EXTERNAL IDS
db:NVDid:CVE-2017-11401
Trust: 2.5
db:JVNDBid:JVNDB-2017-010595
Trust: 0.8
db:CNNVDid:CNNVD-201707-666
Trust: 0.7
db:VULHUBid:VHN-101820
Trust: 0.1
sources:
            
            
            VULHUB: VHN-101820 // 
            
            
            
            JVNDB: JVNDB-2017-010595 // 
            
            
            
            CNNVD: CNNVD-201707-666 // 
            
            
            
            NVD: CVE-2017-11401

REFERENCES
url:https://github.com/airbus-seclab/security-advisories/blob/master/belden/tofino.txt
Trust: 1.7
url:https://www.belden.com/hubfs/support/security/bulletins/belden-security-bulletin-bsecv-2017-14-1v1-1.pdf
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-11401
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-11401
Trust: 0.8
sources:
            
            
            VULHUB: VHN-101820 // 
            
            
            
            JVNDB: JVNDB-2017-010595 // 
            
            
            
            CNNVD: CNNVD-201707-666 // 
            
            
            
            NVD: CVE-2017-11401

SOURCES
db:VULHUBid:VHN-101820
db:JVNDBid:JVNDB-2017-010595
db:CNNVDid:CNNVD-201707-666
db:NVDid:CVE-2017-11401

LAST UPDATE DATE
2025-04-20T23:42:04.332000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-101820date:2019-10-03T00:00:00
db:JVNDBid:JVNDB-2017-010595date:2017-12-20T00:00:00
db:CNNVDid:CNNVD-201707-666date:2019-10-23T00:00:00
db:NVDid:CVE-2017-11401date:2025-04-20T01:37:25.860

SOURCES RELEASE DATE
db:VULHUBid:VHN-101820date:2017-11-20T00:00:00
db:JVNDBid:JVNDB-2017-010595date:2017-12-20T00:00:00
db:CNNVDid:CNNVD-201707-666date:2017-07-18T00:00:00
db:NVDid:CVE-2017-11401date:2017-11-20T15:29:00.260