Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCertccCVE-2012-0221
HistoryApr 02, 2012 - 6:55 p.m.

CVE-2012-0221

2012-04-0218:55:01
CWE-20
certcc
web.nvd.nist.gov
34
cve-2012-0221
factorytalk
rnadiagreceiver
rockwell automation
allen-bradley
cpr9
sr5
rslogix 5000
denial of service

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.7

Confidence

High

EPSS

0.821

Percentile

98.4%

JSON

The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation Allen-Bradley FactoryTalk CPR9 through SR5 and RSLogix 5000 17 through 20 does not properly handle the return value from an unspecified function, which allows remote attackers to cause a denial of service (service outage) via a crafted packet.

Affected configurations

Nvd
Node
rockwellautomationfactorytalkMatchcpr9
OR
rockwellautomationfactorytalkMatchcpr9_sr5
OR
rockwellautomationrslogix_5000Match17
OR
rockwellautomationrslogix_5000Match18
OR
rockwellautomationrslogix_5000Match19
OR
rockwellautomationrslogix_5000Match20
VendorProductVersionCPE
rockwellautomationfactorytalkcpr9cpe:2.3:a:rockwellautomation:factorytalk:cpr9:*:*:*:*:*:*:*
rockwellautomationfactorytalkcpr9_sr5cpe:2.3:a:rockwellautomation:factorytalk:cpr9_sr5:*:*:*:*:*:*:*
rockwellautomationrslogix_500017cpe:2.3:a:rockwellautomation:rslogix_5000:17:*:*:*:*:*:*:*
rockwellautomationrslogix_500018cpe:2.3:a:rockwellautomation:rslogix_5000:18:*:*:*:*:*:*:*
rockwellautomationrslogix_500019cpe:2.3:a:rockwellautomation:rslogix_5000:19:*:*:*:*:*:*:*
rockwellautomationrslogix_500020cpe:2.3:a:rockwellautomation:rslogix_5000:20:*:*:*:*:*:*:*

Related

exploitdb 1
nessus 2
nvd 1
prion 1
cvelist 1
ics 1
exploitdb
exploitdb
Rockwell Automation FactoryTalk Activation Server - Multiple Denial of Service Vulnerabilities
2012-01-17 00:00:00
nessus
nessus
Rockwellautomation Factorytalk Improper Input Validation
2019-11-08 00:00:00
Rockwell (CVE-2012-0221) (deprecated)
2022-02-07 00:00:00
nvd
nvd
CVE-2012-0221
2012-04-02 18:55:01
prion
prion
Design/Logic Flaw
2012-04-02 18:55:00
cvelist
cvelist
CVE-2012-0221
2012-04-02 18:00:00
ics
ics
Rockwell Automation FactoryTalk RNADiagReceiver (UPDATE A)
2018-09-06 12:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.7

Confidence

High

EPSS

0.821

Percentile

98.4%

JSON
Related for CVE-2012-0221
exploitdb1nessus2nvd1prion1cvelist1ics1