SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-599525315] Rockwell Automation Stratix 5900

Date Type Platform Author EDB-ID CVE-ID OSVDB-ID Download App SIS Signature
2017-05-09OtherRockwell AutomationCisco Systems, Inc. reported these vulnerabilities to Rockwell Automation. N/ACVE-2016-6380 CVE-2016-6393 CVE-2016-6384 CVE-2016-6381 CVE-2016N/AN/AN/A

Source

						
							
								
#
# Rockwell Automation Stratix 5900
#


### VULNERABLE VENDOR
Rockwell Automation


### VULNERABLE PRODUCT
Stratix 5900



### RESEARCHER
Cisco Systems, Inc. reported these vulnerabilities to Rockwell Automation.



### AFFECTED PRODUCTS

Rockwell Automation reports that these vulnerabilities affect the following Stratix 5900 Services Routers:

Stratix 5900, All Versions prior to 15.6.3.



### IMPACT

An attacker who exploits these vulnerabilities may be able to perform man-in-the-middle attacks, create denial of service conditions, or remotely execute arbitrary code.



### VULNERABILITY OVERVIEW


IMPROPER INPUT VALIDATION CWE-20

Cisco IOS and IOS XE Software DNS Forwarder Denial of Service Vulnerability(link is external).

CVE-2016-6380 has been assigned to this vulnerability. A CVSS v3 base score of 8.1 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:H).


RESOURCE MANAGEMENT ERRORS CWE 399

Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability(link is external).

CVE-2016-6393 has been assigned to this vulnerability. A CVSS v3 base score of 8.1 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:H).


RESOURCE MANAGEMENT ERRORS CWE 399

Cisco IOS and IOS XE Software H.323 Message Validation Denial of Service Vulnerability(link is external).

CVE-2016-6384 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).


RESOURCE MANAGEMENT ERRORS CWE 399

Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability(link is external).

CVE-2016-6381 has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H).


RESOURCE MANAGEMENT ERRORS CWE 399

Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities(link is external).

CVE-2016-6382 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).


INFORMATION EXPOSURE CWE-200

IKEv1 Information Disclosure Vulnerability in Multiple Cisco Products(link is external).

CVE-2016-6415 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).


INPUT VALIDATION CWE-20 

Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability(link is external).

CVE-2016-1409 has been assigned to this vulnerability. A CVSS v3 base score of 5.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L).


RESOURCE MANAGEMENT ERRORS CWE 399

Cisco IOS and IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability(link is external).

CVE-2016-1350 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).


RESOURCE MANAGEMENT ERRORS CWE 399

Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability(link is external).

CVE-2016-1344 has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H).


INTEGER OVERFLOW OR WRAPAROUND CWE 190

IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119

IMPROPER INPUT VALIDATION CWE-20

PATH TRAVERSAL CWE-22

PERMISSIONS, PRIVILEGES, AND ACCESS CONTROLS CWE-264

IMPROPER AUTHENTICATION CWE-287

RESOURCE MANAGEMENT ERRORS CWE 399

Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015(link is external).

CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7705, CVE-2015-7848, CVE-2015-7849, CVE-2015-7850, CVE-2015-7851, CVE-2015-7852, CVE-2015-7853, CVE-2015-7854, CVE-2015-7855, and CVE-2015-7871 have been assigned to these vulnerabilities. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L).


IMPROPER AUTHENTICATION CWE-287

Multiple Vulnerabilities in ntpd (April 2015) Affecting Cisco Products(link is external).

CVE-2015-1798  and CVE-2015-1799 have been assigned to this vulnerability. A CVSS v3 base score of 5.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N).


INPUT VALIDATION CWE 20

RESOURCE MANAGEMENT ERRORS CWE 399

Cisco IOS Software and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerabilities(link is external).

CVE-2015-0642  and CVE-2015-0643 have been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).


RESOURCE MANAGEMENT ERRORS CWE 399

Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability(link is external).

CVE-2015-0646 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).


IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119

IMPROPER INPUT VALIDATION CWE-20

CRYPTOGRAPHIC ISSUES CWE 310

Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products(link is external).

CVE-2015-0207, CVE-2015-0209, CVE-2015-0285, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0290, CVE-2015-0291, CVE-2015-0292, CVE-2015-0293, and CVE-2015-1787 have been assigned to these vulnerabilities. A CVSS v3 base score of 4.0 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N).


CRYPTOGRAPHIC ISSUES CWE 310

SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability(link is external).

CVE-2014-3566 has been assigned to this vulnerability. A CVSS v3 base score of 4.0 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N).


RESOURCE MANAGEMENT ERRORS CWE 399

Cisco IOS Software DHCP Version 6 Denial of Service Vulnerability(link is external).

CVE-2014-3359 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).


RESOURCE MANAGEMENT ERRORS CWE 399

Cisco IOS Software Metadata Vulnerabilities(link is external).

CVE-2014-3355 and CVE-2014-3356 have been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).


IMPROPER INPUT VALIDATION CWE-20

Cisco IOS Software Network Address Translation Denial of Service Vulnerability(link is external).

CVE-2014-3361 has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H).


RESOURCE MANAGEMENT ERRORS CWE 399

Cisco IOS Software RSVP Vulnerability(link is external).

CVE-2014-3354 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).


NUMERIC ERRORS CWE 189

Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability(link is external).

CVE-2014-3360 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).


RESOURCE MANAGEMENT ERRORS CWE 399

Cisco IOS Software IPsec Denial of Service Vulnerability(link is external).

CVE-2014-3299 has been assigned to this vulnerability. A CVSS v3 base score of 7.7 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).


CRYPTOGRAPHIC ISSUES CWE-310

RACE CONDITION CWE-362

IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119

RESOURCE MANAGEMENT ERRORS CWE-399

NULL POINTER DEREFERENCE CWE-476

Multiple Vulnerabilities in OpenSSL Affecting Cisco Products(link is external).

CVE-2010-5298, CVE-2014-0076, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, and CVE-2014-3470 have been assigned to these vulnerabilities. A CVSS v3 base score of 10.0 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).


IMPROPER INPUT VALIDATION CWE-20

Cisco IOS Software Crafted IPv6 Packet Denial of Service Vulnerability(link is external).

CVE-2014-2113 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).


RESOURCE MANAGEMENT ERRORS CWE 399

Cisco IOS Software Internet Key Exchange Version 2 Denial of Service Vulnerability(link is external).

CVE-2014-2108 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).


IMPROPER INPUT VALIDATION CWE-20

RESOURCE MANAGEMENT ERRORS CWE 399

Cisco IOS Software Network Address Translation Vulnerabilities(link is external).

CVE-2014-2109 and CVE-2014-2111 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).


IMPROPER INPUT VALIDATION CWE-20

Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability(link is external).

CVE-2014-2106 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).


RESOURCE MANAGEMENT ERRORS CWE 399

Cisco IOS Software SSL VPN Denial of Service Vulnerability(link is external).

CVE-2014-2112 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).





### BACKGROUND

Critical Infrastructure Sectors: Critical Manufacturing, Energy, Water and Wastewater Systems
Area Deployed: Worldwide
Company Headquarters Location: United States




### MITIGATION

Rockwell Automation has provided a new firmware version, Version 15.6.3, to mitigate these vulnerabilities.

Rockwell Automation encourages users of the affected versions to update to the latest available software versions addressing the associated risk, and including improvements to further harden the software and enhance its resilience against similar malicious attacks. Users can find the latest firmware version by searching for their device at the following web site:

http://compatibility.rockwellautomation.com/Pages/MultiProductDownload.aspx?famID=15


Additional precautions and risk mitigation strategies specific to these types of attacks are recommended in the Rockwell Automation security release. When possible, multiple strategies should be implemented simultaneously.

https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1041191


Please also refer to Cisco's security advisories (linked below) for additional workarounds and details for these vulnerabilities.