{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-08-05T00:00:00", "descriptions": [{"lang": "en", "value": "An issue was discovered in SMA Solar Technology products. An attacker can change the plant time even when not authenticated in any way. This changes the system time, possibly affecting lockout policies and random-number generators based on timestamps, and makes timestamps for data analysis unreliable. NOTE: the vendor reports that this is largely irrelevant because it only affects log-entry timestamps, and because the plant time would later be reset via NTP. (It has never been the case that a lockout policy or random-number generator was affected.) Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected"}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-21T08:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.sma.de/en/statement-on-cyber-security.html"}, {"tags": ["x_refsource_MISC"], "url": "https://horusscenario.com/CVE-information/"}, {"tags": ["x_refsource_MISC"], "url": "http://www.sma.de/fileadmin/content/global/specials/documents/cyber-security/Whitepaper-Cyber-Security-AEN1732_07.pdf"}], "tags": ["disputed"], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-9864", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "** DISPUTED ** An issue was discovered in SMA Solar Technology products. An attacker can change the plant time even when not authenticated in any way. This changes the system time, possibly affecting lockout policies and random-number generators based on timestamps, and makes timestamps for data analysis unreliable. NOTE: the vendor reports that this is largely irrelevant because it only affects log-entry timestamps, and because the plant time would later be reset via NTP. (It has never been the case that a lockout policy or random-number generator was affected.) Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.sma.de/en/statement-on-cyber-security.html", "refsource": "MISC", "url": "http://www.sma.de/en/statement-on-cyber-security.html"}, {"name": "https://horusscenario.com/CVE-information/", "refsource": "MISC", "url": "https://horusscenario.com/CVE-information/"}, {"name": "http://www.sma.de/fileadmin/content/global/specials/documents/cyber-security/Whitepaper-Cyber-Security-AEN1732_07.pdf", "refsource": "MISC", "url": "http://www.sma.de/fileadmin/content/global/specials/documents/cyber-security/Whitepaper-Cyber-Security-AEN1732_07.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T17:18:02.192Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.sma.de/en/statement-on-cyber-security.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://horusscenario.com/CVE-information/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.sma.de/fileadmin/content/global/specials/documents/cyber-security/Whitepaper-Cyber-Security-AEN1732_07.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-9864", "datePublished": "2017-08-05T17:00:00", "dateReserved": "2017-06-24T00:00:00", "dateUpdated": "2024-08-05T17:18:02.192Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_boy_3600_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FF135EE-B9B5-41B4-ADD5-A28EAAD794BE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_boy_3600:-:*:*:*:*:*:*:*", "matchCriteriaId": "66A72AD7-33EC-4B93-BF10-DB6DC78AFC00", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_boy_5000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4DA6E217-2C7E-485B-90DB-6B962C02DD68", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_boy_5000:-:*:*:*:*:*:*:*", "matchCriteriaId": "E381975C-AC80-4797-9D60-21A8FEEBA71C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_tripower_core1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6D33CE8B-F38A-4E06-9888-E1C6FB2EF17C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_tripower_core1:-:*:*:*:*:*:*:*", "matchCriteriaId": "1A24A14C-E510-479F-86ED-050502912FE7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_tripower_15000tl_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3AFE4BC8-80B8-4C16-B6B1-3458B54B61EE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_tripower_15000tl:-:*:*:*:*:*:*:*", "matchCriteriaId": "5E930476-4BB4-44FB-94EF-B327B7016C64", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_tripower_20000tl_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A21E55C7-EF78-46DF-B221-0D16F76D16C3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_tripower_20000tl:-:*:*:*:*:*:*:*", "matchCriteriaId": "82E14A85-4A8F-441B-B457-39A8CB114272", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_tripower_25000tl_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7210BF3C-EA34-4805-A596-9B818EE231F7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_tripower_25000tl:-:*:*:*:*:*:*:*", "matchCriteriaId": "A58780AF-6A20-44FE-9627-7ED1965DC6D4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_tripower_5000tl_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C37031D3-E12D-450C-9DAF-E57E70A179FF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_tripower_5000tl:-:*:*:*:*:*:*:*", "matchCriteriaId": "3916D5DB-736B-4958-A62C-29F8DACFE4AB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_tripower_12000tl_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4BB8A5FD-512F-48CE-B9DB-B61228178515", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_tripower_12000tl:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CD72861-42E9-4DD0-A71F-91C327245A18", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_tripower_60_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "22BDD3FF-D9B4-473B-8495-D8EE7D236C70", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_tripower_60:-:*:*:*:*:*:*:*", "matchCriteriaId": "2513FDCE-0DB9-4A3C-BACC-636476BB47A2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_boy_3000tl_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "803BA76D-0221-4820-855A-8647B70AF590", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_boy_3000tl:-:*:*:*:*:*:*:*", "matchCriteriaId": "3E68A664-FB5B-466F-AB6D-0EB6C76E5EA0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_boy_3600tl_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "96F089F6-9A2B-4D27-94A4-2B59683C044B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_boy_3600tl:-:*:*:*:*:*:*:*", "matchCriteriaId": "77CF17FB-7E59-4407-B9E5-02EE8329EE16", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_boy_4000tl_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F004C609-A8C6-4A69-A9CA-670D28060948", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_boy_4000tl:-:*:*:*:*:*:*:*", "matchCriteriaId": "F0263729-F7F5-4F06-9845-432F248B0010", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_boy_5000tl_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8305C0A5-CD69-42ED-94F8-A548997ECE04", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_boy_5000tl:-:*:*:*:*:*:*:*", "matchCriteriaId": "D42C5BD9-4348-4E0C-9F76-2BDA1A5ADBFB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_boy_1.5_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7ABAC551-0937-4C35-B367-E082216973A5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_boy_1.5:-:*:*:*:*:*:*:*", "matchCriteriaId": "1E6499AD-A269-4D05-9562-975C59659563", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_boy_2.5_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DCE97058-71A8-4594-8D1C-44EED65137FA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_boy_2.5:-:*:*:*:*:*:*:*", "matchCriteriaId": "E999A43F-820D-4281-9393-C8641CFDCC37", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_boy_3.0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A48FB31D-3CC8-4506-976D-ED65B9CEC3BA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_boy_3.0:-:*:*:*:*:*:*:*", "matchCriteriaId": "DCE8CFE7-2C58-4C98-A806-6010ACAF0127", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_boy_3.6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5EA13E68-78D0-4EA3-9D1E-5E34E55EBFA8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_boy_3.6:-:*:*:*:*:*:*:*", "matchCriteriaId": "3C472660-FAF7-48FB-9190-D85EB317197E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_boy_4.0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1E830DAA-4072-48C8-B047-56CA7D61C48A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_boy_4.0:-:*:*:*:*:*:*:*", "matchCriteriaId": "024BC798-2EC6-404E-9B2A-32F661823474", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_boy_5.0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F5A48910-3876-426B-AB95-0EA5F08D4883", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_boy_5.0:-:*:*:*:*:*:*:*", "matchCriteriaId": "C1EF8258-E693-4E18-A7AC-F0A7C40F5211", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_central_2200_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "98C2345E-E79E-4AAA-AF19-1914F508F5D5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_central_2200:-:*:*:*:*:*:*:*", "matchCriteriaId": "287A5EC9-69D7-452A-8667-A54D8B890A53", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_central_1000cp_xt_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "14616A98-3829-41DF-BB99-011A617FA45A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_central_1000cp_xt:-:*:*:*:*:*:*:*", "matchCriteriaId": "2202672A-9402-4B55-95B2-0341BD216AA5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_central_800cp_xt_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "40C43D9A-29EC-4AE0-99F4-5EE700905D0D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_central_800cp_xt:-:*:*:*:*:*:*:*", "matchCriteriaId": "C685EA76-43AE-4354-9C07-122F4D070074", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_central_850cp_xt_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF640501-1D66-40B3-B473-B8844D7F8C62", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_central_850cp_xt:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE3A2CAD-4435-418A-9380-2F5F6A60703F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_central_900cp_xt_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C788BEC5-7DE7-4CA7-9F1C-0F515FEC077E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_central_900cp_xt:-:*:*:*:*:*:*:*", "matchCriteriaId": "EB862CD2-BA9D-4C95-ABDE-2F6EC23C9C30", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_central_500cp_xt_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D310BA4B-734C-41BF-BDAF-DCBFE26264AE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_central_500cp_xt:-:*:*:*:*:*:*:*", "matchCriteriaId": "60266D0B-6195-4737-A6EB-6B46B81E0616", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_central_630cp_xt_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "89052ECC-5760-4D13-B320-5860C22B52C6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_central_630cp_xt:-:*:*:*:*:*:*:*", "matchCriteriaId": "6DB5CF00-8E95-48A7-94EC-6E98E77C998A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_central_720cp_xt_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "65922D8F-AF83-4DE5-AF8C-B64C27A99A7A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_central_720cp_xt:-:*:*:*:*:*:*:*", "matchCriteriaId": "AC865DBB-C763-4063-ADD9-0D230D91C591", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_central_760cp_xt_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A8484D2-BA3E-4C87-A392-157B112D3222", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_central_760cp_xt:-:*:*:*:*:*:*:*", "matchCriteriaId": "BD088AB2-1C70-4C86-A25C-05B59D566E09", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_central_storage_500_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "05D94A22-FF34-411B-BF12-767CE2518B8D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_central_storage_500:-:*:*:*:*:*:*:*", "matchCriteriaId": "47B541D1-2B28-430A-9AE4-3A67FD6E42D6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_central_storage_630_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A0A4615-BA47-4E3D-8B6C-3CF5B2CC84C7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_central_storage_630:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B76D414-9B83-47EF-BCC5-EC9FDDF7A4A7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_central_storage_720_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2AC8D9CD-9F52-4257-ACB8-1881ADAB70E5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_central_storage_720:-:*:*:*:*:*:*:*", "matchCriteriaId": "5D33F707-E03E-4221-A65B-DE694B7BBA85", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_central_storage_760_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F7508D9-EAAC-4D68-85B7-013AF5DAF3EC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_central_storage_760:-:*:*:*:*:*:*:*", "matchCriteriaId": "3785766A-5450-4AE0-BFE6-11E4D298BB36", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_central_storage_800_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3809F04D-7E1E-4197-AC7A-D84A74609E33", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_central_storage_800:-:*:*:*:*:*:*:*", "matchCriteriaId": "F5B6A3F5-1C14-4001-9B63-8F75C25850AB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_central_storage_850_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9EC9291B-FF03-463E-A935-267E11B2AC0B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_central_storage_850:-:*:*:*:*:*:*:*", "matchCriteriaId": "B8D43021-CFF4-4AA8-A926-97D093EFED9B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_central_storage_900_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1DD66DB1-9FFE-4C04-A518-AB93C3F513A5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_central_storage_900:-:*:*:*:*:*:*:*", "matchCriteriaId": "72879781-EA14-49DC-9586-E6FF3871E0E4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_central_storage_1000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0892FC47-F5B2-4655-9FCE-6CE1F83012C3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_central_storage_1000:-:*:*:*:*:*:*:*", "matchCriteriaId": "98D59F07-E40A-4801-B552-B8CD9B948741", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_central_storage_2200_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A867B7BA-E6ED-4E7B-A660-95E7B7140644", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_central_storage_2200:-:*:*:*:*:*:*:*", "matchCriteriaId": "FAC1DC9B-F825-4E56-BAF6-8A1F2997F2B6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_central_storage_2500-ev_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FCB33BAA-3995-4914-8DB0-D43A4762A6A9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_central_storage_2500-ev:-:*:*:*:*:*:*:*", "matchCriteriaId": "B488C87D-A594-49E1-B5D9-F951EE180304", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sma:sunny_boy_storage_2.5_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B282A58C-280A-48BA-B454-980B21FAE9AA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sma:sunny_boy_storage_2.5:-:*:*:*:*:*:*:*", "matchCriteriaId": "AAF5AD56-F1CF-4383-B676-9935BD50BBE3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [{"sourceIdentifier": "cve@mitre.org", "tags": ["disputed"]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in SMA Solar Technology products. An attacker can change the plant time even when not authenticated in any way. This changes the system time, possibly affecting lockout policies and random-number generators based on timestamps, and makes timestamps for data analysis unreliable. NOTE: the vendor reports that this is largely irrelevant because it only affects log-entry timestamps, and because the plant time would later be reset via NTP. (It has never been the case that a lockout policy or random-number generator was affected.) Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected"}, {"lang": "es", "value": "** EN DISPUTA ** Se ha descubierto un problema en productos SMA Solar Technology. Un atacante puede cambiar la hora de la planta sin estar autenticado de ninguna forma. Esto cambia la hora del sistema, lo que podr\u00eda afectar a las pol\u00edticas de bloqueo y generadores de n\u00fameros aleatorios basados en marca de tiempo. Adem\u00e1s, hace imposible confiar en las marcas de tiempo de los an\u00e1lisis de datos. NOTA: El fabricante reporta que es bastante irrelevante por que solo afecta a marcas de tiempo del log-entry, y por que la planta ser\u00eda reiniciada via NTP. (Nunca se ha dado el caso en el que afectara la pol\u00edtica de bloqueo o la generaci\u00f3n de n\u00fameros aleatorios.) Adem\u00e1s, solo Sunny Boy TLST-21 y TL-21 y Sunny Tripower TL-10 y TL-30 podr\u00edan estar potencialmente afectados."}], "id": "CVE-2017-9864", "lastModified": "2024-08-05T18:15:30.877", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-08-05T17:29:00.850", "references": [{"source": "cve@mitre.org", "url": "http://www.sma.de/en/statement-on-cyber-security.html"}, {"source": "cve@mitre.org", "url": "http://www.sma.de/fileadmin/content/global/specials/documents/cyber-security/Whitepaper-Cyber-Security-AEN1732_07.pdf"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://horusscenario.com/CVE-information/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}