CVE-2017-20024 - OpenCVE

A vulnerability was found in Solare Solar-Log 2.8.4-56/3.5.2-85. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. It is possible to launch the attack remotely. Upgrading to version 3.5.3-86 is able to address this issue. It is recommended to upgrade the affected component.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Solar-log	Solar-log 1000 Solar-log 1000 Firmware Solar-log 1000 Pm\+ Solar-log 1000 Pm\+ Firmware Solar-log 1200 Solar-log 1200 Firmware Solar-log 2000 Solar-log 2000 Firmware Solar-log 250 Solar-log 250 Firmware Solar-log 300 Solar-log 300 Firmware Solar-log 500 Solar-log 500 Firmware Solar-log 800e Solar-log 800e Firmware

Configuration 1 [-]

AND

OR	cpe:2.3:o:solar-log:solar-log_250_firmware:2.8.4-56:::::::*
	cpe:2.3:o:solar-log:solar-log_250_firmware:3.5.2-85:::::::*

cpe:2.3:h:solar-log:solar-log_250:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:solar-log:solar-log_300_firmware:2.8.4-56:::::::*
	cpe:2.3:o:solar-log:solar-log_300_firmware:3.5.2-85:::::::*

cpe:2.3:h:solar-log:solar-log_300:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

OR	cpe:2.3:o:solar-log:solar-log_500_firmware:2.8.4-56:::::::*
	cpe:2.3:o:solar-log:solar-log_500_firmware:3.5.2-85:::::::*

cpe:2.3:h:solar-log:solar-log_500:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

OR	cpe:2.3:o:solar-log:solar-log_800e_firmware:2.8.4-56:::::::*
	cpe:2.3:o:solar-log:solar-log_800e_firmware:3.5.2-85:::::::*

cpe:2.3:h:solar-log:solar-log_800e:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

OR	cpe:2.3:o:solar-log:solar-log_1000_firmware:2.8.4-56:::::::*
	cpe:2.3:o:solar-log:solar-log_1000_firmware:3.5.2-85:::::::*

cpe:2.3:h:solar-log:solar-log_1000:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

OR	cpe:2.3:o:solar-log:solar-log_1000_pm\+_firmware:2.8.4-56:::::::*
	cpe:2.3:o:solar-log:solar-log_1000_pm\+_firmware:3.5.2-85:::::::*

cpe:2.3:h:solar-log:solar-log_1000_pm\+:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

OR	cpe:2.3:o:solar-log:solar-log_1200_firmware:2.8.4-56:::::::*
	cpe:2.3:o:solar-log:solar-log_1200_firmware:3.5.2-85:::::::*

cpe:2.3:h:solar-log:solar-log_1200:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

OR	cpe:2.3:o:solar-log:solar-log_2000_firmware:2.8.4-56:::::::*
	cpe:2.3:o:solar-log:solar-log_2000_firmware:3.5.2-85:::::::*

cpe:2.3:h:solar-log:solar-log_2000:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://seclists.org/fulldisclosure/2017/Mar/58
https://vuldb.com/?id.98934

History

No history.

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2022-06-09T22:35:58

Updated: 2024-08-05T21:45:24.642Z

Reserved: 2022-06-05T00:00:00

Link: CVE-2017-20024

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-06-09T23:15:08.220

Modified: 2022-06-17T14:32:07.230

Link: CVE-2017-20024

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object