CVE-2023-43775

EPSS 0.05%
Veröffentlicht 27.09.2023 15:19:34
Zuletzt bearbeitet 21.11.2024 08:24:45
Quelle CybersecurityCOE@eaton.com
CVE-Watchlists
Login
Unerledigt
Login

Denial-of-service vulnerability in the web server of the Eaton SMP Gateway allows 

attacker to potentially force an unexpected restart of the automation platform, impacting the availability of the product. In rare situations, the issue could cause
the SMP device to restart in Safe Mode or Max Safe Mode. When in Max Safe Mode, the product is
not vulnerable anymore.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Eaton ≫ Smp Sg-4260 Firmware Version >= 8.0 < 8.0r9

Eaton ≫ Smp Sg-4260 Version-

Eaton ≫ Smp Sg-4260 Firmware Version >= 8.1 < 8.1r5

Eaton ≫ Smp Sg-4260 Version-

Eaton ≫ Smp Sg-4260 Firmware Version >= 8.2 < 8.2r4

Eaton ≫ Smp Sg-4260 Version-

Eaton ≫ Smp Sg-4250 Firmware Version >= 8.0 < 8.0r9

Eaton ≫ Smp Sg-4250 Version-

Eaton ≫ Smp Sg-4250 Firmware Version >= 8.1 < 8.1r5

Eaton ≫ Smp Sg-4250 Version-

Eaton ≫ Smp Sg-4250 Firmware Version >= 8.2 < 8.2r4

Eaton ≫ Smp Sg-4250 Version-

Eaton ≫ Smp Sg-4250 Firmware Version7.0

Eaton ≫ Smp Sg-4250 Version-

Eaton ≫ Smp Sg-4250 Firmware Version7.1

Eaton ≫ Smp Sg-4250 Version-

Eaton ≫ Smp Sg-4250 Firmware Version7.2

Eaton ≫ Smp Sg-4250 Version-

Eaton ≫ Smp 4/dp Firmware Version >= 8.0 < 8.0r9

Eaton ≫ Smp 4/dp Version-

Eaton ≫ Smp 4/dp Firmware Version >= 8.1 < 8.1r5

Eaton ≫ Smp 4/dp Version-

Eaton ≫ Smp 4/dp Firmware Version >= 8.2 < 8.2r4

Eaton ≫ Smp 4/dp Version-

Eaton ≫ Smp 4/dp Firmware Version6.3

Eaton ≫ Smp 4/dp Version-

Eaton ≫ Smp 4/dp Firmware Version7.0

Eaton ≫ Smp 4/dp Version-

Eaton ≫ Smp 4/dp Firmware Version7.1

Eaton ≫ Smp 4/dp Version-

Eaton ≫ Smp 4/dp Firmware Version7.2

Eaton ≫ Smp 4/dp Version-

Eaton ≫ Smp 16 Firmware Version >= 8.0 < 8.0r9

Eaton ≫ Smp 16 Version-

Eaton ≫ Smp 16 Firmware Version6.3

Eaton ≫ Smp 16 Version-

Eaton ≫ Smp 16 Firmware Version7.0

Eaton ≫ Smp 16 Version-

Eaton ≫ Smp 16 Firmware Version7.1

Eaton ≫ Smp 16 Version-

Eaton ≫ Smp 16 Firmware Version7.2

Eaton ≫ Smp 16 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.157

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CybersecurityCOE@eaton.com	4.7	2.8	1.4	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2022-1008.pdf

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-43775

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-43775

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-43775

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-43775