{"api_version":"1","generated_at":"2026-07-07T04:16:52+00:00","cve":"CVE-2017-6043","urls":{"html":"https://cve.report/CVE-2017-6043","api":"https://cve.report/api/cve/CVE-2017-6043.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2017-6043","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2017-6043"},"summary":{"title":"CVE-2017-6043","description":"A Resource Consumption issue was discovered in Trihedral VTScada Versions prior to 11.2.26. The client does not properly validate the input or limit the amount of resources that are utilized by an attacker, which can be used to consume more resources than are available.","state":"PUBLISHED","assigner":"icscert","published_at":"2017-06-21 19:29:00","updated_at":"2025-04-20 01:37:25"},"problem_types":["CWE-400","CWE-400 CWE-400"],"metrics":[{"version":"3.0","source":"nvd@nist.gov","type":"Primary","score":"7.5","severity":"HIGH","vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}},{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.8","severity":"","vector":"AV:N/AC:L/Au:N/C:N/I:N/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://www.securityfocus.com/bid/99066","name":"http://www.securityfocus.com/bid/99066","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"Trihedral VTScada Multiple Security Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-17-164-01","name":"https://ics-cert.us-cert.gov/advisories/ICSA-17-164-01","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Patch","Third Party Advisory","US Government Resource"],"title":"Trihedral VTScada | ICS-CERT","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2017-6043","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6043","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"Trihedral VTScada","version":"affected Trihedral VTScada","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2017","cve_id":"6043","vulnerable":"1","versionEndIncluding":"11.2.23","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"trihedral","cpe5":"vtscada","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-05T15:18:49.741Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://ics-cert.us-cert.gov/advisories/ICSA-17-164-01"},{"name":"99066","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/99066"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"Trihedral VTScada","vendor":"n/a","versions":[{"status":"affected","version":"Trihedral VTScada"}]}],"datePublic":"2017-06-21T00:00:00.000Z","descriptions":[{"lang":"en","value":"A Resource Consumption issue was discovered in Trihedral VTScada Versions prior to 11.2.26. The client does not properly validate the input or limit the amount of resources that are utilized by an attacker, which can be used to consume more resources than are available."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-400","description":"CWE-400","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2017-06-22T09:57:01.000Z","orgId":"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6","shortName":"icscert"},"references":[{"tags":["x_refsource_MISC"],"url":"https://ics-cert.us-cert.gov/advisories/ICSA-17-164-01"},{"name":"99066","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/99066"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"ics-cert@hq.dhs.gov","ID":"CVE-2017-6043","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Trihedral VTScada","version":{"version_data":[{"version_value":"Trihedral VTScada"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A Resource Consumption issue was discovered in Trihedral VTScada Versions prior to 11.2.26. The client does not properly validate the input or limit the amount of resources that are utilized by an attacker, which can be used to consume more resources than are available."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-400"}]}]},"references":{"reference_data":[{"name":"https://ics-cert.us-cert.gov/advisories/ICSA-17-164-01","refsource":"MISC","url":"https://ics-cert.us-cert.gov/advisories/ICSA-17-164-01"},{"name":"99066","refsource":"BID","url":"http://www.securityfocus.com/bid/99066"}]}}}},"cveMetadata":{"assignerOrgId":"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6","assignerShortName":"icscert","cveId":"CVE-2017-6043","datePublished":"2017-06-21T19:00:00.000Z","dateReserved":"2017-02-16T00:00:00.000Z","dateUpdated":"2024-08-05T15:18:49.741Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2017-06-21 19:29:00","lastModifiedDate":"2025-04-20 01:37:25","problem_types":["CWE-400","CWE-400 CWE-400"],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:trihedral:vtscada:*:*:*:*:*:*:*:*","versionEndIncluding":"11.2.23","matchCriteriaId":"CA214CB5-FBA6-4996-9B94-0E69BE2E4BBB"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2017","CveId":"6043","Ordinal":"1","Title":"CVE-2017-6043","CVE":"CVE-2017-6043","Year":"2017"},"notes":[{"CveYear":"2017","CveId":"6043","Ordinal":"1","NoteData":"A Resource Consumption issue was discovered in Trihedral VTScada Versions prior to 11.2.26. The client does not properly validate the input or limit the amount of resources that are utilized by an attacker, which can be used to consume more resources than are available.","Type":"Description","Title":"CVE-2017-6043"},{"CveYear":"2017","CveId":"6043","Ordinal":"2","NoteData":"2017-06-21","Type":"Other","Title":"Published"},{"CveYear":"2017","CveId":"6043","Ordinal":"3","NoteData":"2017-06-22","Type":"Other","Title":"Modified"}]}}}