Lucene search

[email protected]CVE-2023-29158

HistoryJun 19, 2023 - 9:15 p.m.

CVE-2023-29158

2023-06-1921:15:42

CWE-294

[email protected]

web.nvd.nist.gov

cve-2023-29158

subnet powersystem center

replay attacks

denial-of-service

data integrity

vulnerability

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

8.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.1%

JSON

SUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which may result in a denial-of-service condition or a loss of data integrity.

Affected configurations

NVD

Node

subnetpowersystem_centerRange<2020

subnetpowersystem_centerMatch2020-

subnetpowersystem_centerMatch2020u10

CPENameOperatorVersion
subnet:powersystem_centersubnet powersystem centerlt2020

CPE	Name	Operator	Version
subnet:powersystem_center	subnet powersystem center	lt	2020

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "PowerSYSTEM Center",
    "vendor": "SUBNET Solutions Inc.",
    "versions": [
      {
        "lessThanOrEqual": "2020 U10",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.cisa.gov/news-events/ics-advisories/icsa-23-166-01

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

8.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.1%

JSON

Related for CVE-2023-29158

nvd1 prion1 cvelist1 ics1