Lucene search

[email protected]NVD:CVE-2020-12524

HistoryDec 02, 2020 - 3:15 p.m.

CVE-2020-12524

2020-12-0215:15:12

CWE-400

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

42.7%

JSON

Uncontrolled Resource Consumption can be exploited to cause the Phoenix Contact HMIs BTP 2043W, BTP 2070W and BTP 2102W in all versions to become unresponsive and not accurately update the display content (Denial of Service).

Affected configurations

NVD

Node

phoenixcontactbtp_2043w_firmware

AND

phoenixcontactbtp_2043wMatch-

Node

phoenixcontactbtp_2070w_firmware

AND

phoenixcontactbtp_2070wMatch-

Node

phoenixcontactbtp_2102w_firmware

AND

phoenixcontactbtp_2102wMatch-

References

cert.vde.com/en-us/advisories/vde-2020-047

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

42.7%

JSON

Related for NVD:CVE-2020-12524

cve1 prion1 cvelist1