Vulnerability Details CVE-2018-12585
An XXE vulnerability in the OPC UA Java and .NET Legacy Stack can allow remote attackers to trigger a denial of service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.0%
CVSS Severity
CVSS v3 Score 8.2
CVSS v2 Score 6.4
References
- http://www.securityfocus.com/bid/105538
- https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2018-12585.pdf
- http://www.securityfocus.com/bid/105538
- https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2018-12585.pdf
Products affected by CVE-2018-12585
-
cpe:2.3:a:opcfoundation:ua-.net-legacy:-
-
cpe:2.3:a:opcfoundation:ua-.net-legacy:1.02.336
-
cpe:2.3:a:opcfoundation:ua-.net-legacy:1.02.336.0
-
cpe:2.3:a:opcfoundation:ua-.net-legacy:1.03.340
-
cpe:2.3:a:opcfoundation:ua-.net-legacy:1.03.341
-
cpe:2.3:a:opcfoundation:ua-.net-legacy:1.03.342
-
cpe:2.3:a:opcfoundation:ua-java:-
-
cpe:2.3:a:opcfoundation:ua-java:1.02.337.8
-
cpe:2.3:a:opcfoundation:ua-java:1.03.340.0
-
cpe:2.3:a:opcfoundation:ua-java:1.03.342.0
-
cpe:2.3:a:opcfoundation:ua-java:1.3.343