CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-14022

An Improper Input Validation issue was discovered in Rockwell Automation FactoryTalk Alarms and Events, Version 2.90 and earlier. An unauthenticated attacker with remote access to a network with FactoryTalk Alarms and Events can send a specially crafted set of packets packet to Port 403/TCP (the history archiver service), causing the service to either stall or terminate.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.5%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

http://www.securityfocus.com/bid/102114
https://ics-cert.us-cert.gov/advisories/ICSA-17-341-02
http://www.securityfocus.com/bid/102114
https://ics-cert.us-cert.gov/advisories/ICSA-17-341-02

Products affected by CVE-2017-14022

Rockwellautomation » Factorytalk Alarms And Events » Version: N/A

cpe:2.3:a:rockwellautomation:factorytalk_alarms_and_events:-
Rockwellautomation » Factorytalk Alarms And Events » Version: 2.90

cpe:2.3:a:rockwellautomation:factorytalk_alarms_and_events:2.90

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-14022

Products

Pricing

Contact Us