CVE-2020-9307

EPSS 0.04%
Veröffentlicht 11.02.2021 21:15:12
Zuletzt bearbeitet 21.11.2024 05:40:23
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a denial of service. An unauthenticated, adjacent attacker can cause an infinite loop on one of the HSR ring ports of the device. This effectively breaks the redundancy of the HSR ring. If the attacker can perform the same attack on a second device, the ring is broken into two parts (thus disrupting communication between devices in the different parts).

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Belden ≫ Hirschmann Hios Version >= 07.0.04 < 07.1.00

Belden ≫ Hirschmann Hios Version >= 08.0.00 < 08.3.00

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.086

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	6.1	6.5	6.9	AV:A/AC:L/Au:N/C:N/I:N/A:C

CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

https://www.belden.com/dfsmedia/f1e38517e0cd4caa8b1acb6619890f5e/12276-source/options/view

Vendor Advisory

https://www.belden.com/security

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-9307

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-9307

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-9307

EUVD