CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14022
https://notcve.org/view.php?id=CVE-2017-14022
An Improper Input Validation issue was discovered in Rockwell Automation FactoryTalk Alarms and Events, Version 2.90 and earlier. An unauthenticated attacker with remote access to a network with FactoryTalk Alarms and Events can send a specially crafted set of packets packet to Port 403/TCP (the history archiver service), causing the service to either stall or terminate. Se ha descubierto un problema de validación de entrada incorrecta en Rockwell Automation FactoryTalk Alarms and Events, versión 2.90 y anteriores. Un atacante sin autenticar con acceso remoto a red y con FactoryTalk Alarms and Events puede enviar un paquete que incluya un grupo de paquetes manipulados al puerto 403/TCP (el servicio archivador de historiales), lo que provocaría que el servicio se bloquease o se cerrase. • http://www.securityfocus.com/bid/102114 https://ics-cert.us-cert.gov/advisories/ICSA-17-341-02 • CWE-20: Improper Input Validation •