CVE-2017-7901

A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A and B, Version 16.00 and prior versions; and 1763-L16DWD, Series A and B, Version 16.00 and prior versions and Allen-Bradley MicroLogix 1400 programmable logic controllers 1766-L32AWA, Series A and B, Version 16.00 and prior versions; 1766-L32BWA, Series A and B, Version 16.00 and prior versions; 1766-L32BWAA, Series A and B, Version 16.00 and prior versions; 1766-L32BXB, Series A and B, Version 16.00 and prior versions; 1766-L32BXBA, Series A and B, Version 16.00 and prior versions; and 1766-L32AWAA, Series A and B, Version 16.00 and prior versions. Insufficiently random TCP initial sequence numbers are generated, which may allow an attacker to predict the numbers from previous values. This may allow an attacker to spoof or disrupt TCP connections, resulting in a denial of service for the target device.

CVSS v3 8.6 HIGH
CVSS v2.0 9.0 HIGH

8.6^/10

CVSS v3 : HIGH

V3 Legend

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Exploitability : 3.9 / Impact : 4.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

9.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:C

Exploitability : 10.0 / Impact : 8.5

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact COMPLETE

References

Link	Resource
http://www.securitytracker.com/id/1038546
https://ics-cert.us-cert.gov/advisories/ICSA-17-115-04	Patch Third Party Advisory US Government Resource
http://www.securitytracker.com/id/1038546
https://ics-cert.us-cert.gov/advisories/ICSA-17-115-04	Patch Third Party Advisory US Government Resource

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:rockwellautomation:1763-l16awa_series_a::::::::
	cpe:2.3:a:rockwellautomation:1763-l16awa_series_b::::::::
	cpe:2.3:a:rockwellautomation:1763-l16bbb_series_a::::::::
	cpe:2.3:a:rockwellautomation:1763-l16bbb_series_b::::::::
	cpe:2.3:a:rockwellautomation:1763-l16bwa_series_a::::::::
	cpe:2.3:a:rockwellautomation:1763-l16bwa_series_b::::::::
	cpe:2.3:a:rockwellautomation:1763-l16dwd_series_a::::::::
	cpe:2.3:a:rockwellautomation:1763-l16dwd_series_b::::::::

cpe:2.3:h:rockwellautomation:ab_micrologix_controller:1100:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

OR	cpe:2.3:a:rockwellautomation:1766-l32awa_series_a::::::::
	cpe:2.3:a:rockwellautomation:1766-l32awa_series_b::::::::
	cpe:2.3:a:rockwellautomation:1766-l32awaa_series_a::::::::
	cpe:2.3:a:rockwellautomation:1766-l32awaa_series_b::::::::
	cpe:2.3:a:rockwellautomation:1766-l32bwa_series_a::::::::
	cpe:2.3:a:rockwellautomation:1766-l32bwa_series_b::::::::
	cpe:2.3:a:rockwellautomation:1766-l32bwaa_series_a::::::::
	cpe:2.3:a:rockwellautomation:1766-l32bwaa_series_b::::::::
	cpe:2.3:a:rockwellautomation:1766-l32bxb_series_a::::::::
	cpe:2.3:a:rockwellautomation:1766-l32bxb_series_b::::::::
	cpe:2.3:a:rockwellautomation:1766-l32bxba_series_a::::::::
	cpe:2.3:a:rockwellautomation:1766-l32bxba_series_b::::::::

cpe:2.3:h:rockwellautomation:ab_micrologix_controller:1400:*:*:*:*:*:*:*

History

21 Nov 2024, 03:32

Type	Values Removed	Values Added
References	~~() http://www.securitytracker.com/id/1038546 -~~	() http://www.securitytracker.com/id/1038546 -
References	~~() https://ics-cert.us-cert.gov/advisories/ICSA-17-115-04 - Patch, Third Party Advisory, US Government Resource~~	() https://ics-cert.us-cert.gov/advisories/ICSA-17-115-04 - Patch, Third Party Advisory, US Government Resource

Information

Published : 2017-06-30 03:29

Updated : 2024-11-21 03:32

NVD link : CVE-2017-7901

Mitre link : CVE-2017-7901

CVE.ORG link : CVE-2017-7901

JSON object : View

Products Affected

rockwellautomation

1766-l32bxb_series_b
1766-l32bxb_series_a
1763-l16awa_series_a
1766-l32awa_series_b
1766-l32awa_series_a
1763-l16awa_series_b
1763-l16bbb_series_a
1766-l32bwaa_series_b
1763-l16bbb_series_b
1766-l32bwaa_series_a
1766-l32bxba_series_b
1766-l32awaa_series_a
1766-l32bwa_series_a
ab_micrologix_controller
1763-l16dwd_series_a
1766-l32bwa_series_b
1766-l32bxba_series_a
1766-l32awaa_series_b
1763-l16bwa_series_a
1763-l16dwd_series_b
1763-l16bwa_series_b

CWE

CWE-343

Predictable Value Range from Previous Values

CWE-330

Use of Insufficiently Random Values

{"id": "CVE-2017-7901", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 8.5, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 4.7, "exploitabilityScore": 3.9}]}, "published": "2017-06-30T03:29:00.797", "references": [{"url": "http://www.securitytracker.com/id/1038546", "source": "ics-cert@hq.dhs.gov"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-115-04", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}, {"url": "http://www.securitytracker.com/id/1038546", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-115-04", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "description": [{"lang": "en", "value": "CWE-343"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-330"}]}], "descriptions": [{"lang": "en", "value": "A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A and B, Version 16.00 and prior versions; and 1763-L16DWD, Series A and B, Version 16.00 and prior versions and Allen-Bradley MicroLogix 1400 programmable logic controllers 1766-L32AWA, Series A and B, Version 16.00 and prior versions; 1766-L32BWA, Series A and B, Version 16.00 and prior versions; 1766-L32BWAA, Series A and B, Version 16.00 and prior versions; 1766-L32BXB, Series A and B, Version 16.00 and prior versions; 1766-L32BXBA, Series A and B, Version 16.00 and prior versions; and 1766-L32AWAA, Series A and B, Version 16.00 and prior versions. Insufficiently random TCP initial sequence numbers are generated, which may allow an attacker to predict the numbers from previous values. This may allow an attacker to spoof or disrupt TCP connections, resulting in a denial of service for the target device."}, {"lang": "es", "value": "Se detect\u00f3 un problema de Rango de Valor Predecible de Valores Anteriores en los controladores l\u00f3gicos programables MicroLogix 1100 1763-L16AWA, Series A y B, versi\u00f3n 16.00 y anteriores; 1763-L16BBB, Serie A y B, versi\u00f3n 16.00 y anteriores; 1763-L16BWA, Serie A y B, versi\u00f3n 16.00 y anteriores; y 1763-L16DWD, Series A y B, versi\u00f3n 16.00 y anteriores de Allen-Bradley en Rockwell Automation y en controladores l\u00f3gicos programables MicroLogix 1400 1766-L32AWA, Series A y B, versi\u00f3n 16.00 y anteriores; 1766-L32BWA, Serie A y B, versi\u00f3n 16.00 y anteriores; 1766-L32BWAA, Serie A y B, versi\u00f3n 16.00 y anteriores; 1766-L32BXB, Serie A y B, versi\u00f3n 16.00 y anteriores; 1766-L32BXBA, Serie A y B, versi\u00f3n 16.00 y anteriores; y 1766-L32AWAA, Series A y B, versi\u00f3n 16.00 y anteriores de Allen-Bradley en Rockwell Automation. Se generan n\u00fameros de secuencia inicial TCP de aleatoriedad insuficientemente, lo que puede permitir a un atacante predecir los n\u00fameros de los valores anteriores. Esto puede permitir a un atacante suplantar o interrumpir las conexiones TCP, resultando en una denegaci\u00f3n de servicio para el dispositivo de destino."}], "lastModified": "2024-11-21T03:32:55.687", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rockwellautomation:1763-l16awa_series_a:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E44D0CCE-EDA7-4DF2-B67B-C59DFAE7F888", "versionEndIncluding": "16.000"}, {"criteria": "cpe:2.3:a:rockwellautomation:1763-l16awa_series_b:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58E4AB51-E136-4AA3-AFF9-50F240489856", "versionEndIncluding": "16.000"}, {"criteria": "cpe:2.3:a:rockwellautomation:1763-l16bbb_series_a:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6006CE1E-08EC-4AFC-8F35-73B24AA7F08D", "versionEndIncluding": "16.000"}, {"criteria": "cpe:2.3:a:rockwellautomation:1763-l16bbb_series_b:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F52398D3-996E-4291-887F-6B8E0AF24AFF", "versionEndIncluding": "16.000"}, {"criteria": "cpe:2.3:a:rockwellautomation:1763-l16bwa_series_a:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61603F24-7505-4A9E-BA9E-57C7B5A60A6E", "versionEndIncluding": "16.000"}, {"criteria": "cpe:2.3:a:rockwellautomation:1763-l16bwa_series_b:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9558148B-3000-4D83-9AB0-380D7FBB0C9A", "versionEndIncluding": "16.000"}, {"criteria": "cpe:2.3:a:rockwellautomation:1763-l16dwd_series_a:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C805AFD6-481C-4A32-9CE8-281F9B793263", "versionEndIncluding": "16.000"}, {"criteria": "cpe:2.3:a:rockwellautomation:1763-l16dwd_series_b:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC9E1F42-4F17-4EA4-8D0F-30220F560A0E", "versionEndIncluding": "16.000"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:ab_micrologix_controller:1100:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FA98842B-9D09-4C37-AB34-4E9FA566BAD8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rockwellautomation:1766-l32awa_series_a:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C8E3AF6-1017-4A18-99CA-854F1022ED66", "versionEndIncluding": "16.000"}, {"criteria": "cpe:2.3:a:rockwellautomation:1766-l32awa_series_b:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A093AA8B-7DB9-4373-AE8F-F8B879A4BE5E", "versionEndIncluding": "16.000"}, {"criteria": "cpe:2.3:a:rockwellautomation:1766-l32awaa_series_a:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25DA9309-964B-4C1C-8B95-9C1CD80DDC74", "versionEndIncluding": "16.000"}, {"criteria": "cpe:2.3:a:rockwellautomation:1766-l32awaa_series_b:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D51D3F6-ABB3-4FFD-81D5-B3D3C29F0A46", "versionEndIncluding": "16.000"}, {"criteria": "cpe:2.3:a:rockwellautomation:1766-l32bwa_series_a:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC05C3A1-1042-46AD-83D8-765AF4C9BCD9", "versionEndIncluding": "16.000"}, {"criteria": "cpe:2.3:a:rockwellautomation:1766-l32bwa_series_b:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6218A006-1F60-4E29-85CC-7D1BCBD7C734", "versionEndIncluding": "16.000"}, {"criteria": "cpe:2.3:a:rockwellautomation:1766-l32bwaa_series_a:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B863572-CECF-47DF-AF6F-C25F88200DBE", "versionEndIncluding": "16.000"}, {"criteria": "cpe:2.3:a:rockwellautomation:1766-l32bwaa_series_b:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59BEBB0E-8C6E-4663-9E0C-E755C2EF0041", "versionEndIncluding": "16.000"}, {"criteria": "cpe:2.3:a:rockwellautomation:1766-l32bxb_series_a:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1303D987-4A44-4F33-992E-0C7E683EC7A9", "versionEndIncluding": "16.000"}, {"criteria": "cpe:2.3:a:rockwellautomation:1766-l32bxb_series_b:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E7D8E09-D97D-45FF-9AD0-A9B0A846E600", "versionEndIncluding": "16.000"}, {"criteria": "cpe:2.3:a:rockwellautomation:1766-l32bxba_series_a:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D9C64FB-A613-4940-86E6-95431B907159", "versionEndIncluding": "16.000"}, {"criteria": "cpe:2.3:a:rockwellautomation:1766-l32bxba_series_b:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5C50D4A-EB32-4BE4-B9E6-D25494E2EF55", "versionEndIncluding": "16.000"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:ab_micrologix_controller:1400:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FFF2EF59-F451-490D-A7AF-E66D11493948"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}

8.6 /10