CVE-2019-10954

{"id": "CVE-2019-10954", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2019-05-01T19:29:00.237", "references": [{"url": "http://www.securityfocus.com/bid/108118", "tags": ["Broken Link"], "source": "[email protected]"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-120-01", "tags": ["Third Party Advisory", "US Government Resource"], "source": "[email protected]"}, {"url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075979", "source": "[email protected]"}, {"url": "http://www.securityfocus.com/bid/108118", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-120-01", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075979", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-121"}]}, {"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 - 30 and earlier."}, {"lang": "es", "value": "Un atacante podr\u00eda enviar paquetes SMTP creados para causar una condici\u00f3n de denegaci\u00f3n de servicio en la que el controlador entra en un estado de fallo superior no recuperable (MNRF) en los controladores CompactLogix 5370 L1, L2 y L3, los controladores Compact GuardLogix 5370 y los controladores Armor Compact GuardLogix 5370 de las versiones 20 a 30.014 y anteriores."}], "lastModified": "2026-02-20T19:21:39.543", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5370_l1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "784B3054-96B7-4559-A6E8-FE3F2158BAD8", "versionEndIncluding": "30.014", "versionStartIncluding": "20.011"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5370_l1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "848B3145-24E4-445B-958A-4C3F84C4546C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5370_l2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F4DA02C-77E5-40A2-99B4-5A9475A2479A", "versionEndIncluding": "30.014", "versionStartIncluding": "20.011"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5370_l2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "65092726-5567-488C-9E32-DC42D34E111D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5370_l3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2C54374-E2EA-455E-AEDC-E587306258A5", "versionEndIncluding": "30.014", "versionStartIncluding": "20.011"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5370_l3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "52C2F377-6F0D-4752-A4A3-C40604A8575D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5370_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C29BC1EB-CF08-443B-991D-7E1C4A12F974", "versionEndIncluding": "30.014", "versionStartIncluding": "20.011"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compact_guardlogix_5370:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6F951670-AF4D-4429-8BC1-79BDEF83B2C3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:armor_compact_guardlogix_5370_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10B94862-EBE9-4CBC-80C2-D65131035F34", "versionEndIncluding": "30.014", "versionStartIncluding": "20.011"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:armor_compact_guardlogix_5370:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "03FAA30B-C345-4DD4-A686-50989ADF4CC5"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "[email protected]"}