PT-2024-5549 · Aveva · Aveva Suitelink Server+5
Published
2024-08-13
·
Updated
2024-08-14
·
CVE-2024-7113
CVSS v4.0
8.7
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
AVEVA SuiteLink Server (affected versions not specified)
Description
The issue is related to unlimited resource allocation in the SuiteLink server of AVEVA software products, including Historian, InTouch, Application Server, Communication Drivers Pack, and Batch Management. If exploited, this could cause the SuiteLink server to consume excessive system resources, leading to a slowdown in the processing of Data I/O for the duration of the attack. This could allow a remote attacker to cause a denial of service.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Allocation of Resources Without Limits
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Aveva Suitelink Server
Application Server
Batch Management
Communication Drivers Pack
Historian
Intouch