CVE-2014-2342

Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows remote attackers to cause a denial of service (excessive data processing) via a crafted DNP3 packet.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://ics-cert.us-cert.gov/advisories/ICSA-14-149-01	US Government Resource
http://www.trianglemicroworks.com/products/scada-data-gateway/what%27s-new

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0594:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0592:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0591:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0590:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0575:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0574:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0573:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0572:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0545:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0544:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0540:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0587:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0567:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0595:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0528:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00.0612:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0577:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0589:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00.0616:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0517:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0583:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0553:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0570:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0561:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0582:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0599:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0536:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0579:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0584:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0597:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway::::::::
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00.0615:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0566:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0518:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0598:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0515:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0565:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0571:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0552:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0586:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0581:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00.0630:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0596:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0569:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0588:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0564:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.50:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0578:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0580:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.51:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.50.0309:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0558:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0516:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.53:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0562:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0576:::::::*
	cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0529:::::::*

Information

Published : 2014-05-30 16:55

Updated : 2014-06-05 05:32

NVD link : CVE-2014-2342

Mitre link : CVE-2014-2342

JSON object : View

CWE

CWE-20

Improper Input Validation

Products Affected

trianglemicroworks

scada_data_gateway

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-149-01", "name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-149-01", "tags": ["US Government Resource"], "refsource": "MISC"}, {"url": "http://www.trianglemicroworks.com/products/scada-data-gateway/what%27s-new", "name": "http://www.trianglemicroworks.com/products/scada-data-gateway/what%27s-new", "tags": [], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows remote attackers to cause a denial of service (excessive data processing) via a crafted DNP3 packet."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2014-2342", "ASSIGNER": "ics-cert@hq.dhs.gov"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2014-05-30T23:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0594:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0592:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0591:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0590:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0575:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0574:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0573:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0572:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0545:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0544:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0540:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0587:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0567:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0595:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0528:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00.0612:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0577:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0589:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00.0616:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0517:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0583:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0553:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0570:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0561:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0582:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0599:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0536:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0579:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0584:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0597:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "3.00.0633"}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00.0615:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0566:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0518:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0598:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0515:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0565:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0571:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0552:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0586:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0581:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:3.00.0630:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0596:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0569:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0588:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0564:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.50:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0578:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0580:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.51:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.50.0309:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0558:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0516:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.53:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0562:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0576:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:trianglemicroworks:scada_data_gateway:2.54.0529:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2014-06-05T12:32Z"}

5.0 /10