CVE-2012-4695

EPSS 0.02%
Veröffentlicht 18.04.2013 02:25:36
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle ics-cert@hq.dhs.gov
CVE-Watchlists
Login
Unerledigt
Login

LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service outage) via a zero-byte UDP packet that is not properly handled by Logger.dll.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Rockwellautomation ≫ Rslinx Enterprise Versioncpr9

Rockwellautomation ≫ Rslinx Enterprise Versioncpr9 Updatesr1

Rockwellautomation ≫ Rslinx Enterprise Versioncpr9 Updatesr2

Rockwellautomation ≫ Rslinx Enterprise Versioncpr9 Updatesr3

Rockwellautomation ≫ Rslinx Enterprise Versioncpr9 Updatesr4

Rockwellautomation ≫ Rslinx Enterprise Versioncpr9 Updatesr5

Rockwellautomation ≫ Rslinx Enterprise Versioncpr9 Updatesr5.1

Rockwellautomation ≫ Rslinx Enterprise Versioncpr9 Updatesr6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.03

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.1	8.6	6.9	AV:N/AC:M/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://ics-cert.us-cert.gov/pdf/ICSA-13-095-02.pdf

US Government Resource

https://rockwellautomation.custhelp.com/app/answers/detail/a_id/537599

https://nvd.nist.gov/vuln/detail/CVE-2012-4695

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-4695

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-4695

EUVD