CVE-2018-13815 - Vulnerability Details - OpenCVE

A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions < V2.6). An attacker could exhaust the available connection pool of an affected device by opening a sufficient number of connections to the device. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no user privileges are required to exploit the vulnerability. The vulnerability, if exploited, could cause a Denial-of-Service condition impacting the availability of the system. At the time of advisory publication no public exploitation of this vulnerability was known.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Siemens	Simatic S7-1200 Simatic S7-1200 Firmware Simatic S7-1500 Simatic S7-1500 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:siemens:simatic_s7-1200_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-1200:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/105928
https://cert-portal.siemens.com/productcert/pdf/ssa-584286.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2018-12-13T16:00:00

Updated: 2024-08-05T09:14:47.135Z

Reserved: 2018-07-10T00:00:00

Link: CVE-2018-13815

Vulnrichment

No data.

NVD

Status : Modified

Published: 2018-12-13T16:29:00.383

Modified: 2024-11-21T03:48:07.740

Link: CVE-2018-13815

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "SIMATIC S7-1200, SIMATIC S7-1500", "vendor": "Siemens AG", "versions": [{"status": "affected", "version": "SIMATIC S7-1200 : All versions"}, {"status": "affected", "version": "SIMATIC S7-1500 : All Versions < V2.6"}]}], "datePublic": "2018-12-13T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions < V2.6). An attacker could exhaust the available connection pool of an affected device by opening a sufficient number of connections to the device. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no user privileges are required to exploit the vulnerability. The vulnerability, if exploited, could cause a Denial-of-Service condition impacting the availability of the system. At the time of advisory publication no public exploitation of this vulnerability was known."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-410", "description": "CWE-410: Insufficient Resource Pool", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-12-14T10:57:02", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens"}, "references": [{"name": "105928", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/105928"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-584286.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "productcert@siemens.com", "ID": "CVE-2018-13815", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SIMATIC S7-1200, SIMATIC S7-1500", "version": {"version_data": [{"version_value": "SIMATIC S7-1200 : All versions"}, {"version_value": "SIMATIC S7-1500 : All Versions < V2.6"}]}}]}, "vendor_name": "Siemens AG"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions < V2.6). An attacker could exhaust the available connection pool of an affected device by opening a sufficient number of connections to the device. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no user privileges are required to exploit the vulnerability. The vulnerability, if exploited, could cause a Denial-of-Service condition impacting the availability of the system. At the time of advisory publication no public exploitation of this vulnerability was known."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-410: Insufficient Resource Pool"}]}]}, "references": {"reference_data": [{"name": "105928", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105928"}, {"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-584286.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-584286.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T09:14:47.135Z"}, "title": "CVE Program Container", "references": [{"name": "105928", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/105928"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-584286.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2018-13815", "datePublished": "2018-12-13T16:00:00", "dateReserved": "2018-07-10T00:00:00", "dateUpdated": "2024-08-05T09:14:47.135Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_s7-1200_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5187EF42-3E86-4C73-A435-E5D5710B6999", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_s7-1200:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC545350-FD53-4B2E-886F-E20F12260C9B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F81F41D-480F-4443-927E-00607DD40BF5", "versionEndExcluding": "2.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*", "matchCriteriaId": "30DDEA9B-E1BF-4572-8E12-D13C54603E77", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions < V2.6). An attacker could exhaust the available connection pool of an affected device by opening a sufficient number of connections to the device. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no user privileges are required to exploit the vulnerability. The vulnerability, if exploited, could cause a Denial-of-Service condition impacting the availability of the system. At the time of advisory publication no public exploitation of this vulnerability was known."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en SIMATIC S7-1200 (todas las versiones) y SIMATIC S7-1500 (todas las versiones anteriores a la V2.6). Un atacante podr\u00eda agotar el grupo de conexiones disponibles de un dispositivo afectado abriendo un n\u00famero suficiente de conexiones al dispositivo. Su explotaci\u00f3n con \u00e9xito requiere que un atacante sea capaz de enviar paquetes al puerto 102/tcp del dispositivo afectado. No se requiere interacci\u00f3n o privilegios del usuario para explotar esta vulnerabilidad. Si se explota esta vulnerabilidad, se podr\u00eda provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) que impacta sobre la disponibilidad del sistema. En el momento de la publicaci\u00f3n del aviso, no se conoce ninguna explotaci\u00f3n p\u00fablica de la vulnerabilidad."}], "id": "CVE-2018-13815", "lastModified": "2024-11-21T03:48:07.740", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-12-13T16:29:00.383", "references": [{"source": "productcert@siemens.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/105928"}, {"source": "productcert@siemens.com", "tags": ["Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-584286.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/105928"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-584286.pdf"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-410"}], "source": "productcert@siemens.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}]}