Lucene search

[email protected]CVE-2013-2793

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2013-2793

2022-10-0316:15:00

CWE-119

[email protected]

web.nvd.nist.gov

cve

2013

2793

triangle microworks

scada

data gateway

dnp3

.net

protocol

tcp

denial of service

nvd

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.3%

JSON

Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet.

Affected configurations

NVD

Node

trianglemicroworks.net_communication_protocol_componentsMatch3.06.0.171

trianglemicroworks.net_communication_protocol_componentsMatch3.15.0.369

trianglemicroworksansi_c_source_code_librariesMatch3.06.0000

trianglemicroworksansi_c_source_code_librariesMatch3.15.0000

trianglemicroworksscada_data_gatewayMatch2.50

trianglemicroworksscada_data_gatewayMatch2.50.0309

trianglemicroworksscada_data_gatewayMatch3.00.0616

CPENameOperatorVersion
trianglemicroworks:.net_communication_protocol_componentstrianglemicroworks .net communication protocol componentseq3.06.0.171
trianglemicroworks:.net_communication_protocol_componentstrianglemicroworks .net communication protocol componentseq3.15.0.369
trianglemicroworks:ansi_c_source_code_librariestrianglemicroworks ansi c source code librarieseq3.06.0000
trianglemicroworks:ansi_c_source_code_librariestrianglemicroworks ansi c source code librarieseq3.15.0000
trianglemicroworks:scada_data_gatewaytrianglemicroworks scada data gatewayeq2.50
trianglemicroworks:scada_data_gatewaytrianglemicroworks scada data gatewayeq2.50.0309
trianglemicroworks:scada_data_gatewaytrianglemicroworks scada data gatewayeq3.00.0616

CPE	Name	Operator	Version
trianglemicroworks:.net_communication_protocol_components	trianglemicroworks .net communication protocol components	eq	3.06.0.171
trianglemicroworks:.net_communication_protocol_components	trianglemicroworks .net communication protocol components	eq	3.15.0.369
trianglemicroworks:ansi_c_source_code_libraries	trianglemicroworks ansi c source code libraries	eq	3.06.0000
trianglemicroworks:ansi_c_source_code_libraries	trianglemicroworks ansi c source code libraries	eq	3.15.0000
trianglemicroworks:scada_data_gateway	trianglemicroworks scada data gateway	eq	2.50
trianglemicroworks:scada_data_gateway	trianglemicroworks scada data gateway	eq	2.50.0309
trianglemicroworks:scada_data_gateway	trianglemicroworks scada data gateway	eq	3.00.0616

References

ics-cert.us-cert.gov/advisories/ICSA-13-240-01

www.trianglemicroworks.com/documents/mdnp_scl_whats_new.pdf

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.3%

JSON

Related for CVE-2013-2793

nvd1 prion1 cvelist1 ics1