CVE-2013-0693

{"id": "CVE-2013-0693", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-10-03T11:04:37.430", "references": [{"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-259-01", "tags": ["US Government Resource"], "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive information about device presence by listening for broadcast traffic."}, {"lang": "es", "value": "El kernel en ENEA OSE de Emerson Process Management ROC800 RTU con software 3.50 y anteriores, DL8000 RTU con software 2.30 y anteriores, y ROC800L RTU con software 1.20 y anteriores realiza difusiones network-beacon, lo que permite a atacantes remotos obtener informaci\u00f3n potencialmente sensible acerca de la presencia del dispositivo escuchando el tr\u00e1fico de difusi\u00f3n."}], "lastModified": "2013-10-03T18:05:49.207", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:enea:ose:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54CB70DF-F2C3-481A-852A-1A83909F0974", "versionEndIncluding": "1.20"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:emerson:roc_800l_remote_terminal_unit:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1935960D-E2BF-4348-AE45-29DDC1683C8D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:enea:ose:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D25E1CE-72CF-4D4B-940F-720362EC5B19", "versionEndIncluding": "2.30"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:emerson:dl_8000_remote_terminal_unit:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E57C5C99-9480-4506-B8B4-A83485050B91"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:enea:ose:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D91452FC-4D1C-470E-A886-E7BDA49A2DBE", "versionEndIncluding": "3.50"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:emerson:roc_800_remote_terminal_unit:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80C553AD-326E-4135-BA54-35830CD6B13C"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}