CVE

CVE-2023-5915

Severity:

MEDIUM

Type:

Unavailable / Other

Publication date:

01/12/2023

Last modified:

08/12/2023

Description

A vulnerability of Uncontrolled Resource Consumption has been identified in STARDOM provided by Yokogawa Electric Corporation. This vulnerability may allow to a remote attacker to cause a denial-of-service condition to the FCN/FCJ controller by sending a crafted packet. While sending the packet, the maintenance homepage of the controller could not be accessed. Therefore, functions of the maintenance homepage, changing configuration, viewing logs, etc. are not available. But the controller’s operation is not stopped by the condition.<br /> <br /> The affected products and versions are as follows: STARDOM FCN/FCJ R1.01 to R4.31.<br />

Impact

Vector 3.x

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS v3.1 Severity and Metrics:

Base Score: 5.30 MEDIUM
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): None
Integrity (I): None
Availability (A): Low

Base Score 3.x

5.30

Severity 3.x

MEDIUM

Vulnerable products and versions

CPE	From	Up to
cpe:2.3:o:yokogawa:stardom_fcj_firmware::::::::	r1.01 (including)	r4.31 (including)
cpe:2.3:h:yokogawa:stardom_fcj:-:::::::*
cpe:2.3:o:yokogawa:stardom_fcn_firmware::::::::	r1.01 (including)	r4.31 (including)
cpe:2.3:h:yokogawa:stardom_fcn:-:::::::*

To consult the complete list of CPE names with products and versions, see this page

CVE-2023-5915

Description

Impact

Vulnerable products and versions

References to Advisories, Solutions, and Tools