Cogent DataHub < 6.4.3 OPC Client Reconnection Saturation Remote DoS

medium Nessus Plugin ID 91622

Synopsis

The remote host is running an application that is affected by a denial of service vulnerability.

Description

The remote host is running a version of Cogent DataHub that is prior to 6.4.3. It is, therefore, affected by a denial of service vulnerability that is triggered during the handling of a saturation of reconnection attempts. An unauthenticated, remote attacker can exploit this to crash the service.

Solution

Upgrade to Cogent DataHub version 6.4.3 or later.

See Also

https://www.softwaretoolbox.com/cogentdatahub.html

Plugin Details

Severity: Medium

ID: 91622

File Name: scada_cogent_datahub_6_4_3.nbin

Version: 1.63

Type: remote

Family: SCADA

Published: 6/15/2016

Updated: 5/20/2024

Configuration: Enable thorough checks

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/a:cogentdatahub:cogent_datahub

Required KB Items: SCADA/cogent_datahub

Patch Publication Date: 3/2/2008

Vulnerability Publication Date: 3/2/2008