CVE-2017-9628

Опубликовано: 05 окт. 2017

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

An Information Exposure issue was discovered in Saia Burgess Controls PCD Controllers with PCD firmware versions prior to 1.28.16 or 1.24.69. In certain circumstances, the device pads Ethernet frames with memory contents.

Ссылки

http://www.securityfocus.com/bid/100949
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-17-234-05
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/100949
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-17-234-05
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:saia_burgess_controls:pcd_controllers_firmware:*:*:*:*:*:*:*:*

Версия до 1.24.67 (включая)

cpe:2.3:o:saia_burgess_controls:pcd_controllers_firmware:*:*:*:*:*:*:*:*

Версия до 1.28.11 (включая)

cpe:2.3:h:saia_burgess_controls:pcd_controllers:-:*:*:*:*:*:*:*

EPSS

Процентиль: 44%

0.00219

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-976m-mf45-wgr9