CVE-2023-2778 - OpenCVE

A denial-of-service vulnerability exists in Rockwell Automation FactoryTalk Transaction Manager. This vulnerability can be exploited by sending a modified packet to port 400. If exploited, the application could potentially crash or experience a high CPU or memory usage condition, causing intermittent application functionality issues. The application would need to be restarted to recover from the DoS.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Rockwellautomation	Factorytalk Transaction Manager

Configuration 1 [-]

cpe:2.3:a:rockwellautomation:factorytalk_transaction_manager:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139744

History

No history.

MITRE

Status: PUBLISHED

Assigner: Rockwell

Published: 2023-06-13T20:35:18.449Z

Updated: 2024-08-02T06:33:05.706Z

Reserved: 2023-05-17T18:40:49.427Z

Link: CVE-2023-2778

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-06-13T21:15:10.103

Modified: 2023-06-26T14:05:00.940

Link: CVE-2023-2778

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-2778", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2023-05-17T18:40:49.427Z", "datePublished": "2023-06-13T20:35:18.449Z", "dateUpdated": "2024-08-02T06:33:05.706Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "FactoryTalk Transaction Manager", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=v13.10"}]}], "datePublic": "2023-06-13T14:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">A denial-of-service vulnerability exists in Rockwell Automation FactoryTalk Transaction Manager. This vulnerability can be exploited by sending a modified packet to port 400. If exploited, the application could potentially crash or experience a high CPU or memory usage condition, causing intermittent application functionality issues. The application would need to be restarted to recover from the DoS.</span>"}], "value": "\nA denial-of-service vulnerability exists in Rockwell Automation FactoryTalk Transaction Manager. This vulnerability can be exploited by sending a modified packet to port 400. If exploited, the application could potentially crash or experience a high CPU or memory usage condition, causing intermittent application functionality issues. The application would need to be restarted to recover from the DoS."}], "impacts": [{"capecId": "CAPEC-130", "descriptions": [{"lang": "en", "value": "CAPEC-130 Excessive Allocation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2023-06-13T20:35:18.449Z"}, "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139744"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Customers using the affected software are encouraged to apply the risk mitigations below, if possible. Additionally, we encourage our customers to implement our suggested security best practices to minimize the risk of the vulnerability.</span><ul><li>Customers should follow the instructions in <a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1138425\">BF29042 - Patch: Multiple issues, FactoryTalk Transaction Manager 13.00/13.10</a> to install the patch to mitigate the issue.</li></ul>\n\n<br>"}], "value": "\nCustomers using the affected software are encouraged to apply the risk mitigations below, if possible. Additionally, we encourage our customers to implement our suggested security best practices to minimize the risk of the vulnerability. * Customers should follow the instructions in BF29042 - Patch: Multiple issues, FactoryTalk Transaction Manager 13.00/13.10 https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1138425 \u00a0to install the patch to mitigate the issue.\n\n\n\n\n\n"}], "source": {"discovery": "UNKNOWN"}, "title": "Rockwell Automation FactoryTalk Transaction Manager Vulnerable to Denial-Of-Service", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:33:05.706Z"}, "title": "CVE Program Container", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139744", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_transaction_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "F257388C-3757-4714-9E3F-358FDC5C6C67", "versionEndIncluding": "13.10", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\nA denial-of-service vulnerability exists in Rockwell Automation FactoryTalk Transaction Manager. This vulnerability can be exploited by sending a modified packet to port 400. If exploited, the application could potentially crash or experience a high CPU or memory usage condition, causing intermittent application functionality issues. The application would need to be restarted to recover from the DoS."}], "id": "CVE-2023-2778", "lastModified": "2023-06-26T14:05:00.940", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}]}, "published": "2023-06-13T21:15:10.103", "references": [{"source": "PSIRT@rockwellautomation.com", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139744"}], "sourceIdentifier": "PSIRT@rockwellautomation.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-400"}], "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}]}