{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-3036","assignerOrgId":"2b718523-d88f-4f37-9bbd-300c20644bf9","state":"PUBLISHED","assignerShortName":"ABB","dateReserved":"2024-03-28T04:24:31.670Z","datePublished":"2024-06-21T10:26:30.550Z","dateUpdated":"2025-09-11T14:14:49.114Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"800xA Base","vendor":"ABB","versions":[{"lessThanOrEqual":"6.1.1-2","status":"affected","version":"6.0.0","versionType":"custom"}]}],"credits":[{"lang":"en","type":"finder","value":"ABB acknowledges and extends gratitude to Uri Sade, Roman Dvorkin, Roni Gavrilov, and Eran Jacob of the OTORIO org for responsibly disclosing the vulnerability and providing valuable input on product improvements."}],"datePublic":"2024-06-21T05:02:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Improper Input Validation vulnerability in ABB 800xA Base.<br>An attacker who successfully exploited this \nvulnerability could cause services to crash by sending specifically crafted messages.<br><span style=\"background-color: var(--wht);\">This issue affects 800xA Base: from 6.0.0 through 6.1.1-2.</span>"}],"value":"Improper Input Validation vulnerability in ABB 800xA Base.\nAn attacker who successfully exploited this \nvulnerability could cause services to crash by sending specifically crafted messages.\nThis issue affects 800xA Base: from 6.0.0 through 6.1.1-2."}],"metrics":[{"cvssV4_0":{"Automatable":"YES","Recovery":"AUTOMATIC","Safety":"NEGLIGIBLE","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"ADJACENT","baseScore":6.9,"baseSeverity":"MEDIUM","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"DIFFUSE","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:Y/R:A/V:D/RE:M","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"MODERATE"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"ADJACENT_NETWORK","availabilityImpact":"HIGH","baseScore":5.7,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-1284","description":"CWE-1284: Improper Validation of Specified Quantity in Input","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"2b718523-d88f-4f37-9bbd-300c20644bf9","shortName":"ABB","dateUpdated":"2025-09-08T09:33:00.218Z"},"references":[{"url":"https://search.abb.com/library/Download.aspx?DocumentID=7PAA013309&LanguageCode=en&DocumentPartId=&Action=Launch"}],"source":{"discovery":"UNKNOWN"},"title":"Communication DoS vulnerability","workarounds":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"The system can be protected from network-based exploits of this vulnerability by enabling IPSec according to existing user documentation.<br><br>"}],"value":"The system can be protected from network-based exploits of this vulnerability by enabling IPSec according to existing user documentation."}],"x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-06-22T16:40:26.281359Z","id":"CVE-2024-3036","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-09-11T14:14:49.114Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-01T19:32:42.587Z"},"title":"CVE Program Container","references":[{"url":"https://search.abb.com/library/Download.aspx?DocumentID=7PAA013309&LanguageCode=en&DocumentPartId=&Action=Launch","tags":["x_transferred"]}]}]}}