{"containers": {"cna": {"affected": [{"product": "Schneider Electric Magelis HMI", "vendor": "n/a", "versions": [{"status": "affected", "version": "Schneider Electric Magelis HMI"}]}], "datePublic": "2017-02-13T00:00:00", "descriptions": [{"lang": "en", "value": "An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK Advanced Touchscreen Panels with Keyboard, all versions, Magelis XBT GT Advanced Touchscreen Panels, all versions, and Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe). An attacker may be able to disrupt a targeted web server, resulting in a denial of service because of UNCONTROLLED RESOURCE CONSUMPTION."}], "problemTypes": [{"descriptions": [{"description": "Schneider Electric Magelis HMI Resource Consumption", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-02-14T10:57:01", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-308-02"}, {"name": "94093", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/94093"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2016-8374", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Schneider Electric Magelis HMI", "version": {"version_data": [{"version_value": "Schneider Electric Magelis HMI"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK Advanced Touchscreen Panels with Keyboard, all versions, Magelis XBT GT Advanced Touchscreen Panels, all versions, and Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe). An attacker may be able to disrupt a targeted web server, resulting in a denial of service because of UNCONTROLLED RESOURCE CONSUMPTION."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Schneider Electric Magelis HMI Resource Consumption"}]}]}, "references": {"reference_data": [{"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-308-02", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-308-02"}, {"name": "94093", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94093"}]}}}}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2016-8374", "datePublished": "2017-02-13T21:00:00", "dateReserved": "2016-09-28T00:00:00", "dateUpdated": "2017-02-14T10:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:magelis_gtu_universal_panel_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "67686731-11C6-4A70-86EA-C20D4A5E00C0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:magelis_gtu_universal_panel:-:*:*:*:*:*:*:*", "matchCriteriaId": "9338C7D9-7F38-4B34-BDB0-95563240A189", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:magelis_gto_advanced_optimum_panel_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "453B800A-F3A0-4B22-961E-67F2EBAB292D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:magelis_gto_advanced_optimum_panel:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDCA8937-DC4C-41C1-A1CC-BF4DA36C942D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:magelis_sto5_small_panel_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6E0BA1A0-E0B9-46A0-86C4-4C82A2EFCFC9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:magelis_sto5_small_panel:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4FFCC32-67D5-4120-8BA8-C56C860CFEE4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:magelis_stu_small_panel_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2DF991F7-68D1-489A-BEDF-468F38E8B481", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:magelis_stu_small_panel:-:*:*:*:*:*:*:*", "matchCriteriaId": "88823BB1-E5A0-4835-943F-C13EEA51F77A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:magelis_xbt_gh_advanced_hand-held_panel_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "50F7724E-7DBF-499B-BCD1-A02B86478555", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:magelis_xbt_gh_advanced_hand-held_panel:-:*:*:*:*:*:*:*", "matchCriteriaId": "126EDAD4-D08C-42B0-A621-596FCA27CF80", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:magelis_xbt_gk_advanced_touchscreen_panel_with_keyboard_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7B73A3B3-686C-4F64-A398-C4E810A36FF7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:magelis_xbt_gk_advanced_touchscreen_panel_with_keyboard:-:*:*:*:*:*:*:*", "matchCriteriaId": "6B98FB31-BF55-48EA-A284-627C431090CF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:magelis_xbt_gt_advanced_touchscreen_panel_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "48F17071-598B-4361-8AA4-E60DC1CF02AA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:magelis_xbt_gt_advanced_touchscreen_panel:-:*:*:*:*:*:*:*", "matchCriteriaId": "92DF2AF4-045C-4E8E-AF10-A3BC0C824419", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:magelis_xbt_gtw_advanced_open_touchscreen_panel_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "229C5A41-9D33-4224-9AD8-E4C683DDD7FF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:magelis_xbt_gtw_advanced_open_touchscreen_panel:-:*:*:*:*:*:*:*", "matchCriteriaId": "735F7A66-E882-431B-B8C9-046289A20DF0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK Advanced Touchscreen Panels with Keyboard, all versions, Magelis XBT GT Advanced Touchscreen Panels, all versions, and Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe). An attacker may be able to disrupt a targeted web server, resulting in a denial of service because of UNCONTROLLED RESOURCE CONSUMPTION."}, {"lang": "es", "value": "Ha sido descubierto un problema en Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, todas las versiones, Magelis GTU Universal Panel, todas las versiones, Magelis STO5xx and STU Small panels, todas las versiones, Magelis XBT GH Advanced Hand-held Panels, todas las versiones, Magelis XBT GK Advanced Touchscreen Panels con Keyboard, todas las versiones, Magelis XBT GT Advanced Touchscreen Panels, todas las versiones y Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe). Un atacante puede ser capaz de interrumpir un servidor web objetivo, causando una denegaci\u00f3n de servicio por UNCONTROLLED RESOURCE CONSUMPTION."}], "id": "CVE-2016-8374", "lastModified": "2022-02-02T02:06:41.327", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-02-13T21:59:01.283", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/94093"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-308-02"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}