| Vulnerability Name: | CVE-2017-11401 (CCN-135209) | ||||||||||||
| Assigned: | 2017-11-06 | ||||||||||||
| Published: | 2017-11-06 | ||||||||||||
| Updated: | 2019-10-03 | ||||||||||||
| Summary: | An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Improper handling of the mbap.length field of ModBus packets in the ModBus DPI filter allows an attacker to send malformed/crafted packets to a protected asset, bypassing function code filtering. | ||||||||||||
| CVSS v3 Severity: | 9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) 8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||
| Vulnerability Type: | CWE-noinfo | ||||||||||||
| Vulnerability Consequences: | Bypass Security | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2017-11401 Source: XF Type: UNKNOWN belden-cve201711401-sec-bypass(135209) Source: MISC Type: Third Party Advisory https://github.com/airbus-seclab/security-advisories/blob/master/belden/tofino.txt Source: CCN Type: Belden Security Bulletin BSECV-2017-14 Potential Tofino Firmware Signing Protocol Filtering Evasion /Firewall Bypass Source: MISC Type: Vendor Advisory https://www.belden.com/hubfs/support/security/bulletins/Belden-Security-Bulletin-BSECV-2017-14-1v1-1.pdf | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||