exploitDog

CVE-2018-8843

Опубликовано: 14 мая 2018

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

Rockwell Automation Arena versions 15.10.00 and prior contains a use after free vulnerability caused by processing specially crafted Arena Simulation Software files that may cause the software application to crash, potentially losing any unsaved data..

Ссылки

http://www.securityfocus.com/bid/104166
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-18-130-02
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/104166
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-18-130-02
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:rockwellautomation:arena:*:*:*:*:*:*:*:*

Версия до 15.10.00 (включая)

EPSS

Процентиль: 2%

0.00015

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-416

CWE-416

Связанные уязвимости

GHSA-r72j-mf7h-2cgh

CVSS3: 5.5

github

больше 3 лет назад

Rockwell Automation Arena versions 15.10.00 and prior contains a use after free vulnerability caused by processing specially crafted Arena Simulation Software files that may cause the software application to crash, potentially losing any unsaved data..

EPSS

Процентиль: 2%

0.00015

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-416

CWE-416