CVE-2017-6021 Information
Feb 14, 2021
cve
Description
In Schneider Electric ClearSCADA 2014 R1 (build 75.5210) and prior 2014 R1.1 (build 75.5387) and prior 2015 R1 (build 76.5648) and prior and 2015 R2 (build 77.5882) and prior an attacker with network access to the ClearSCADA server can send specially crafted sequences of commands and data packets to the ClearSCADA server that can cause the ClearSCADA server process and ClearSCADA communications driver processes to terminate. A CVSS v3 base score of 7.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Reference
http://www.securityfocus.com/bid/96768 https://ics-cert.us-cert.gov/advisories/ICSA-17-068-01
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
NONE
Base Score
HIGH
Base Severity
7.5
Share on: