{"api_version":"1","generated_at":"2026-04-22T23:08:00+00:00","cve":"CVE-2017-9627","urls":{"html":"https://cve.report/CVE-2017-9627","api":"https://cve.report/api/cve/CVE-2017-9627.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2017-9627","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2017-9627"},"summary":{"title":"CVE-2017-9627","description":"An Uncontrolled Resource Consumption issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The uncontrolled resource consumption vulnerability could allow an attacker to exhaust the memory resources of the machine, causing a denial of service.","state":"PUBLIC","assigner":"ics-cert@hq.dhs.gov","published_at":"2017-07-07 17:29:00","updated_at":"2023-02-01 17:38:00"},"problem_types":["CWE-400"],"metrics":[],"references":[{"url":"http://www.securityfocus.com/bid/99488","name":"99488","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"Schneider Wonderware ArchestrA Logger ICSA-17-187-04 Multiple Security Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.securitytracker.com/id/1038836","name":"1038836","refsource":"SECTRACK","tags":["Third Party Advisory","VDB Entry"],"title":"Wonderware Information Server Flaws in ArchestrA Logger Component RPC Interface Let Remote Users Deny Service and Execute Arbitrary Code - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-17-187-04","name":"https://ics-cert.us-cert.gov/advisories/ICSA-17-187-04","refsource":"MISC","tags":["Third Party Advisory","US Government Resource"],"title":"Schneider Electric Wonderware ArchestrA Logger | ICS-CERT","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000116/","name":"http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000116/","refsource":"MISC","tags":["Vendor Advisory"],"title":"AVEVA - Global Leader in Industrial Software","mime":"application/pdf","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2017-9627","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9627","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2017","cve_id":"9627","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"schneider-electric","cpe5":"wonderware_archestra_logger","cpe6":"2017.426.2307.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"9627","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"schneider_electric","cpe5":"wonderware_archestra_logger","cpe6":"2017.426.2307.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"9627","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"schneider_electric","cpe5":"wonderware_archestra_logger","cpe6":"2017.426.2307.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"ics-cert@hq.dhs.gov","ID":"CVE-2017-9627","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Schneider Electric Wonderware ArchestrA Logger","version":{"version_data":[{"version_value":"Schneider Electric Wonderware ArchestrA Logger"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An Uncontrolled Resource Consumption issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The uncontrolled resource consumption vulnerability could allow an attacker to exhaust the memory resources of the machine, causing a denial of service."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-400"}]}]},"references":{"reference_data":[{"name":"99488","refsource":"BID","url":"http://www.securityfocus.com/bid/99488"},{"name":"https://ics-cert.us-cert.gov/advisories/ICSA-17-187-04","refsource":"MISC","url":"https://ics-cert.us-cert.gov/advisories/ICSA-17-187-04"},{"name":"http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000116/","refsource":"MISC","url":"http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000116/"},{"name":"1038836","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1038836"}]}},"nvd":{"publishedDate":"2017-07-07 17:29:00","lastModifiedDate":"2023-02-01 17:38:00","problem_types":["CWE-400"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":8.6,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":4},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL","baseScore":5},"severity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:schneider-electric:wonderware_archestra_logger:2017.426.2307.1:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2017","CveId":"9627","Ordinal":"106650","Title":"CVE-2017-9627","CVE":"CVE-2017-9627","Year":"2017"},"notes":[{"CveYear":"2017","CveId":"9627","Ordinal":"1","NoteData":"An Uncontrolled Resource Consumption issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The uncontrolled resource consumption vulnerability could allow an attacker to exhaust the memory resources of the machine, causing a denial of service.","Type":"Description","Title":null},{"CveYear":"2017","CveId":"9627","Ordinal":"2","NoteData":"2017-07-07","Type":"Other","Title":"Published"},{"CveYear":"2017","CveId":"9627","Ordinal":"3","NoteData":"2017-07-11","Type":"Other","Title":"Modified"}]}}}