CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
35.0%
CAMS for HIS Log Server contained in the following Yokogawa Electric products is vulnerable to uncontrolled resource consumption. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00.
Vendor | Product | Version | CPE |
---|---|---|---|
yokogawa | centum_cs_3000_firmware | * | cpe:2.3:o:yokogawa:centum_cs_3000_firmware:*:*:*:*:*:*:*:* |
yokogawa | centum_cs_3000 | - | cpe:2.3:h:yokogawa:centum_cs_3000:-:*:*:*:*:*:*:* |
yokogawa | centum_cs_3000_entry_firmware | * | cpe:2.3:o:yokogawa:centum_cs_3000_entry_firmware:*:*:*:*:*:*:*:* |
yokogawa | centum_cs_3000_entry | - | cpe:2.3:h:yokogawa:centum_cs_3000_entry:-:*:*:*:*:*:*:* |
yokogawa | centum_vp_firmware | * | cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:* |
yokogawa | centum_vp | - | cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:* |
yokogawa | centum_vp_entry_firmware | * | cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:* |
yokogawa | centum_vp_entry | - | cpe:2.3:h:yokogawa:centum_vp_entry:-:*:*:*:*:*:*:* |
yokogawa | exaopc | * | cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:* |
[
{
"product": "CENTUM CS 3000",
"vendor": "Yokogawa Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions from R3.08.10 to R3.09.00"
}
]
},
{
"product": "CENTUM VP",
"vendor": "Yokogawa Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions from R4.01.00 to R4.03.00"
},
{
"status": "affected",
"version": "versions from R5.01.00 to R5.04.20"
},
{
"status": "affected",
"version": "versions from R6.01.00 to R6.08.00"
}
]
},
{
"product": "Exaopc",
"vendor": "Yokogawa Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions from R3.72.00 to R3.79.00"
}
]
}
]
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
35.0%