Vulnerability Details CVE-2023-32787
The OPC UA Legacy Java Stack before 6f176f2 enables an attacker to block OPC UA server applications via uncontrolled resource consumption so that they can no longer serve client applications.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.1%
CVSS Severity
CVSS v3 Score 7.5
References
- https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-32787.pdf
- https://github.com/OPCFoundation/UA-Java-Legacy
- https://github.com/OPCFoundation/UA-Java-Legacy/commit/6f176f2b445a27c157f1a32f225accc9ce8873c0
- https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-32787.pdf
- https://github.com/OPCFoundation/UA-Java-Legacy
- https://github.com/OPCFoundation/UA-Java-Legacy/commit/6f176f2b445a27c157f1a32f225accc9ce8873c0
Products affected by CVE-2023-32787
-
cpe:2.3:a:opcfoundation:ua_java_legacy:-
-
cpe:2.3:a:prosysopc:ua_historian:-
-
cpe:2.3:a:prosysopc:ua_historian:1.0.0
-
cpe:2.3:a:prosysopc:ua_historian:1.1.0
-
cpe:2.3:a:prosysopc:ua_historian:1.1.2
-
cpe:2.3:a:prosysopc:ua_historian:1.1.4
-
cpe:2.3:a:prosysopc:ua_historian:1.1.6
-
cpe:2.3:a:prosysopc:ua_historian:1.1.8
-
cpe:2.3:a:prosysopc:ua_modbus_server:-
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.0.0
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.0.2
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.1.0
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.1.2
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.1.4
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.2.0
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.2.2
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.3.0
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.3.2
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.3.4
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.4.0
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.4.10
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.4.12
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.4.14
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.4.16
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.4.18
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.4.2
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.4.4
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.4.6
-
cpe:2.3:a:prosysopc:ua_modbus_server:1.4.8
-
cpe:2.3:a:prosysopc:ua_simulation_server:4.0.0
-
cpe:2.3:a:prosysopc:ua_simulation_server:4.0.2
-
cpe:2.3:a:prosysopc:ua_simulation_server:5.0.0
-
cpe:2.3:a:prosysopc:ua_simulation_server:5.0.2
-
cpe:2.3:a:prosysopc:ua_simulation_server:5.0.4
-
cpe:2.3:a:prosysopc:ua_simulation_server:5.0.6
-
cpe:2.3:a:prosysopc:ua_simulation_server:5.0.8
-
cpe:2.3:a:prosysopc:ua_simulation_server:5.1.0
-
cpe:2.3:a:prosysopc:ua_simulation_server:5.1.2
-
cpe:2.3:a:prosysopc:ua_simulation_server:5.1.4
-
cpe:2.3:a:prosysopc:ua_simulation_server:5.2.0
-
cpe:2.3:a:prosysopc:ua_simulation_server:5.2.2
-
cpe:2.3:a:prosysopc:ua_simulation_server:5.3.0
-
cpe:2.3:a:prosysopc:ua_simulation_server:5.4.0