github - ghsa-cxc2-v3v8-ggcp

ghsa-cxc2-v3v8-ggcp

Vulnerability from github

Published

2022-07-12 00:00

Modified

2022-07-12 00:00

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Details

In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-30791"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-11T11:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected.",
  "id": "GHSA-cxc2-v3v8-ggcp",
  "modified": "2022-07-12T00:00:57Z",
  "published": "2022-07-12T00:00:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30791"
    },
    {
      "type": "WEB",
      "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17128\u0026token=bee4d8a57f19be289d623ec90135493b5f9179e3\u0026download="
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2022-30791 (GCVE-0-2022-30791)

Vulnerability from cvelistv5

Published

2022-07-11 10:40

Modified

2024-09-16 16:48

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-400 - Uncontrolled Resource Consumption

Summary

In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected.

References

►

URL

Tags

https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17128&token=bee4d8a57f19be289d623ec90135493b5f9179e3&download=

x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

►

CODESYS

CODESYS Control RTE (SL)

Version: V3 < V3.5.18.20

CODESYS	CODESYS Control RTE (for Beckhoff CX) SL	Version: V3 < V3.5.18.20
CODESYS	CODESYS Control Win (SL)	Version: V3 < V3.5.18.20
CODESYS	CODESYS Gateway	Version: V3 < V3.5.18.20
CODESYS	CODESYS Edge Gateway for Windows	Version: V3 < V3.5.18.20
CODESYS	CODESYS HMI (SL)	Version: V3 < V3.5.18.20
CODESYS	CODESYS Development System V3	Version: V3 < V3.5.18.10
CODESYS	CODESYS Control Runtime System Toolkit	Version: V3 < V3.5.18.20
CODESYS	CODESYS Embedded Target Visu Toolkit	Version: V3 < V3.5.18.20
CODESYS	CODESYS Remote Target Visu Toolkit	Version: V3 < V3.5.18.20
CODESYS	CODESYS Control for BeagleBone SL	Version: V3 < V4.5.0.0
CODESYS	CODESYS Control for Beckhoff CX9020 SL	Version: V3 < V4.5.0.0
CODESYS	CODESYS Control for emPC-A/iMX6 SL	Version: V3 < V4.5.0.0
CODESYS	CODESYS Control for IOT2000 SL	Version: V3 < V4.5.0.0
CODESYS	CODESYS Control for Linux SL	Version: V3 < V4.5.0.0
CODESYS	CODESYS Control for PFC100 SL	Version: V3 < V4.5.0.0
CODESYS	CODESYS Control for PFC200 SL	Version: V3 < V4.5.0.0
CODESYS	CODESYS Control for PLCnext SL	Version: V3 < V4.5.0.0
CODESYS	CODESYS Control for Raspberry Pi SL	Version: V3 < V4.5.0.0
CODESYS	CODESYS Control for WAGO Touch Panels 600 SL	Version: V3 < V4.5.0.0
CODESYS	CODESYS Edge Gateway for Linux	Version: V3 < V4.5.0.0

Show details on NVD website