CVE-2017-17443
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
OPC Foundation Local Discovery Server (LDS) 1.03.370 required a security update to resolve multiple vulnerabilities that allow attackers to trigger a crash by placing invalid data into the configuration file. This vulnerability requires an attacker with access to the file system where the configuration file is stored; however, if the configuration file is altered the LDS will be unavailable until it is repaired.
OPC Foundation Local Discovery Server (LDS) 1.03.370 requería una actualización de seguridad para resolver múltiples vulnerabilidades que permiten que los atacantes desencadenen un cierre inesperado mediante la colocación de datos no válidos en el archivo de configuración. Esta vulnerabilidad requiere un atacante con acceso al sistema de archivos en el que se almacena el archivo de configuración; sin embargo, si se altera el archivo de configuración, LDS dejará de estar disponible hasta que se repare.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-12-06 CVE Reserved
- 2018-06-13 CVE Published
- 2024-04-22 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Opcfoundation Search vendor "Opcfoundation" | Local Discovery Server Search vendor "Opcfoundation" for product "Local Discovery Server" | 1.03.370 Search vendor "Opcfoundation" for product "Local Discovery Server" and version "1.03.370" | - |
Affected
| ||||||