CVE-2017-9631
HIGHSchneider Electric Wonderware ArchestrA Logger <2017.426.2307.1 - DoS
Title source: llmDescription
A Null Pointer Dereference issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The null pointer dereference vulnerability could allow an attacker to crash the logger process, causing a denial of service for logging and log-viewing (applications that use the Wonderware ArchestrA Logger continue to run when the Wonderware ArchestrA Logger service is unavailable).
References (4)
Core 4
Core References
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/99488
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-17-187-04
Vendor Advisory x_refsource_misc
http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000116/
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1038836
Scores
CVSS v3
7.5
EPSS
0.0114
EPSS Percentile
78.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-476
Status
published
Products (2)
n/a/Schneider Electric Wonderware ArchestrA Logger
Schneider Electric Wonderware ArchestrA Logger
schneider-electric/wonderware_archestra_logger
< 2017.426.2307.1
Published
Jul 07, 2017
Tracked Since
Feb 18, 2026