CVE-2025-2813 - Vulnerability Details - OpenCVE

An unauthenticated remote attacker can cause a Denial of Service by sending a large number of requests to the http service on port 80.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Phoenixcontact	Axl F Bk Eip Axl F Bk Pn

No data.

No data.

References

Link	Providers
https://certvde.com/en/advisories/VDE-2025-029/

History

Mon, 04 Aug 2025 09:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Phoenixcontact Phoenixcontact axl F Bk Eip Phoenixcontact axl F Bk Pn
Vendors & Products		Phoenixcontact Phoenixcontact axl F Bk Eip Phoenixcontact axl F Bk Pn

Thu, 31 Jul 2025 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 31 Jul 2025 10:15:00 +0000

Type	Values Removed	Values Added
Description		An unauthenticated remote attacker can cause a Denial of Service by sending a large number of requests to the http service on port 80.
Title		HTTP Service DoS Vulnerability
Weaknesses		CWE-770
References		https://certvde.com/en/advisories/VDE-2025-029/
Metrics		cvssV3_1 `{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}`

MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2025-07-31T10:08:24.026Z

Updated: 2025-07-31T13:16:45.046Z

Reserved: 2025-03-26T13:12:46.108Z

Link: CVE-2025-2813

Vulnrichment

Updated: 2025-07-31T13:16:40.916Z

NVD

Status : Awaiting Analysis

Published: 2025-07-31T10:15:25.913

Modified: 2025-07-31T18:42:37.870

Link: CVE-2025-2813

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-2813", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "state": "PUBLISHED", "assignerShortName": "CERTVDE", "dateReserved": "2025-03-26T13:12:46.108Z", "datePublished": "2025-07-31T10:08:24.026Z", "dateUpdated": "2025-07-31T13:16:45.046Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "AXL F BK PN TPS", "vendor": "Phoenix Contact", "versions": [{"lessThanOrEqual": "1.33", "status": "affected", "version": "0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "AXL F BK PN TPS XC", "vendor": "Phoenix Contact", "versions": [{"lessThanOrEqual": "1.33", "status": "affected", "version": "0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "AXL F BK PN (discontinued)", "vendor": "Phoenix Contact", "versions": [{"lessThanOrEqual": "1.06", "status": "affected", "version": "0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "AXL F BK PN XC (discontinued)", "vendor": "Phoenix Contact", "versions": [{"lessThanOrEqual": "1.06", "status": "affected", "version": "0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "AXL F BK SAS (discontinued)", "vendor": "Phoenix Contact", "versions": [{"lessThanOrEqual": "1.35", "status": "affected", "version": "0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "AXL F BK ETH", "vendor": "Phoenix Contact", "versions": [{"lessThanOrEqual": "1.31", "status": "affected", "version": "0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "AXL F BK ETH XC", "vendor": "Phoenix Contact", "versions": [{"lessThanOrEqual": "1.31", "status": "affected", "version": "0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "AXL F BK EIP", "vendor": "Phoenix Contact", "versions": [{"lessThanOrEqual": "1.30", "status": "affected", "version": "0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "AXL F BK EIP EF", "vendor": "Phoenix Contact", "versions": [{"lessThanOrEqual": "1.30", "status": "affected", "version": "0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "AXL F BK EIP XC", "vendor": "Phoenix Contact", "versions": [{"lessThanOrEqual": "1.30", "status": "affected", "version": "0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "IL PN BK-PAC", "vendor": "Phoenix Contact", "versions": [{"lessThanOrEqual": "1.13", "status": "affected", "version": "0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "IL ETH BK-PAC", "vendor": "Phoenix Contact", "versions": [{"lessThanOrEqual": "1.00", "status": "affected", "version": "0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "IL ETH BK DI8 DO4 2TX-PAC", "vendor": "Phoenix Contact", "versions": [{"lessThanOrEqual": "1.42", "status": "affected", "version": "0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "IL EIP BK DI8 DO4 2TX-PAC", "vendor": "Phoenix Contact", "versions": [{"lessThanOrEqual": "1.12", "status": "affected", "version": "0.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An unauthenticated remote attacker can cause a Denial of Service by sending a large number of requests to the http service on port 80.<br>"}], "value": "An unauthenticated remote attacker can cause a Denial of Service by sending a large number of requests to the http service on port 80."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2025-07-31T10:08:24.026Z"}, "references": [{"url": "https://certvde.com/en/advisories/VDE-2025-029/"}], "source": {"advisory": "VDE-2025-029", "defect": ["CERT@VDE#641765"], "discovery": "UNKNOWN"}, "title": "HTTP Service DoS Vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-31T13:16:30.485855Z", "id": "CVE-2025-2813", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-31T13:16:45.046Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2813", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-31T13:16:30.485855Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-31T13:16:40.916Z"}}], "cna": {"title": "HTTP Service DoS Vulnerability", "source": {"defect": ["CERT@VDE#641765"], "advisory": "VDE-2025-029", "discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Phoenix Contact", "product": "AXL F BK PN TPS", "versions": [{"status": "affected", "version": "0.0", "versionType": "semver", "lessThanOrEqual": "1.33"}], "defaultStatus": "unaffected"}, {"vendor": "Phoenix Contact", "product": "AXL F BK PN TPS XC", "versions": [{"status": "affected", "version": "0.0", "versionType": "semver", "lessThanOrEqual": "1.33"}], "defaultStatus": "unaffected"}, {"vendor": "Phoenix Contact", "product": "AXL F BK PN (discontinued)", "versions": [{"status": "affected", "version": "0.0", "versionType": "semver", "lessThanOrEqual": "1.06"}], "defaultStatus": "unaffected"}, {"vendor": "Phoenix Contact", "product": "AXL F BK PN XC (discontinued)", "versions": [{"status": "affected", "version": "0.0", "versionType": "semver", "lessThanOrEqual": "1.06"}], "defaultStatus": "unaffected"}, {"vendor": "Phoenix Contact", "product": "AXL F BK SAS (discontinued)", "versions": [{"status": "affected", "version": "0.0", "versionType": "semver", "lessThanOrEqual": "1.35"}], "defaultStatus": "unaffected"}, {"vendor": "Phoenix Contact", "product": "AXL F BK ETH", "versions": [{"status": "affected", "version": "0.0", "versionType": "semver", "lessThanOrEqual": "1.31"}], "defaultStatus": "unaffected"}, {"vendor": "Phoenix Contact", "product": "AXL F BK ETH XC", "versions": [{"status": "affected", "version": "0.0", "versionType": "semver", "lessThanOrEqual": "1.31"}], "defaultStatus": "unaffected"}, {"vendor": "Phoenix Contact", "product": "AXL F BK EIP", "versions": [{"status": "affected", "version": "0.0", "versionType": "semver", "lessThanOrEqual": "1.30"}], "defaultStatus": "unaffected"}, {"vendor": "Phoenix Contact", "product": "AXL F BK EIP EF", "versions": [{"status": "affected", "version": "0.0", "versionType": "semver", "lessThanOrEqual": "1.30"}], "defaultStatus": "unaffected"}, {"vendor": "Phoenix Contact", "product": "AXL F BK EIP XC", "versions": [{"status": "affected", "version": "0.0", "versionType": "semver", "lessThanOrEqual": "1.30"}], "defaultStatus": "unaffected"}, {"vendor": "Phoenix Contact", "product": "IL PN BK-PAC", "versions": [{"status": "affected", "version": "0.0", "versionType": "semver", "lessThanOrEqual": "1.13"}], "defaultStatus": "unaffected"}, {"vendor": "Phoenix Contact", "product": "IL ETH BK-PAC", "versions": [{"status": "affected", "version": "0.0", "versionType": "semver", "lessThanOrEqual": "1.00"}], "defaultStatus": "unaffected"}, {"vendor": "Phoenix Contact", "product": "IL ETH BK DI8 DO4 2TX-PAC", "versions": [{"status": "affected", "version": "0.0", "versionType": "semver", "lessThanOrEqual": "1.42"}], "defaultStatus": "unaffected"}, {"vendor": "Phoenix Contact", "product": "IL EIP BK DI8 DO4 2TX-PAC", "versions": [{"status": "affected", "version": "0.0", "versionType": "semver", "lessThanOrEqual": "1.12"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://certvde.com/en/advisories/VDE-2025-029/"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An unauthenticated remote attacker can cause a Denial of Service by sending a large number of requests to the http service on port 80.", "supportingMedia": [{"type": "text/html", "value": "An unauthenticated remote attacker can cause a Denial of Service by sending a large number of requests to the http service on port 80.<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2025-07-31T10:08:24.026Z"}}}, "cveMetadata": {"cveId": "CVE-2025-2813", "state": "PUBLISHED", "dateUpdated": "2025-07-31T13:16:45.046Z", "dateReserved": "2025-03-26T13:12:46.108Z", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "datePublished": "2025-07-31T10:08:24.026Z", "assignerShortName": "CERTVDE"}, "dataVersion": "5.1"}