CVE-2017-9312
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
25/06/2018
Last modified:
23/08/2018
Description
Improperly implemented option-field processing in the TCP/IP stack on Allen-Bradley L30ERMS safety devices v30 and earlier causes a denial of service. When a crafted TCP packet is received, the device reboots immediately.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
7.80
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:rockwellautomation:allen-bradley_l30erms_firmware:*:*:*:*:*:*:*:* | 30 (including) | |
cpe:2.3:h:rockwellautomation:allen-bradley_l30erms:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page