Vulnerabilites related to aveva - edge
var-202211-1444
Vulnerability from variot
An issue was discovered in ExecuteCommand() in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior that allows unauthenticated arbitrary commands to be executed. AVEVA of edge Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. AVEVA Edge is a highly scalable and flexible HMI/SCADA software from AVEVA.
There are security vulnerabilities in AVEVA Edge 2020 R2 and its previous versions, which may be exploited by attackers to affect the confidentiality, availability, or integrity of the system. There are currently no vulnerability details
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202211-1444",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "edge",
"scope": "eq",
"trust": 1.8,
"vendor": "aveva",
"version": "2020"
},
{
"model": "edge",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "edge",
"scope": "eq",
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "edge",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "edge r2",
"scope": "lte",
"trust": 0.6,
"vendor": "aveva",
"version": "\u003c=2020"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-85520"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020761"
},
{
"db": "NVD",
"id": "CVE-2021-42796"
}
]
},
"cve": "CVE-2021-42796",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-85520",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-42796",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-42796",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-42796",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2021-42796",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2021-42796",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2022-85520",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202211-3369",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-85520"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020761"
},
{
"db": "CNNVD",
"id": "CNNVD-202211-3369"
},
{
"db": "NVD",
"id": "CVE-2021-42796"
},
{
"db": "NVD",
"id": "CVE-2021-42796"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in ExecuteCommand() in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior that allows unauthenticated arbitrary commands to be executed. AVEVA of edge Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. AVEVA Edge is a highly scalable and flexible HMI/SCADA software from AVEVA. \n\r\n\r\nThere are security vulnerabilities in AVEVA Edge 2020 R2 and its previous versions, which may be exploited by attackers to affect the confidentiality, availability, or integrity of the system. There are currently no vulnerability details",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-42796"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020761"
},
{
"db": "CNVD",
"id": "CNVD-2022-85520"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-42796",
"trust": 3.9
},
{
"db": "ICS CERT",
"id": "ICSA-22-326-01",
"trust": 1.9
},
{
"db": "AUSCERT",
"id": "ESB-2022.6114.2",
"trust": 1.2
},
{
"db": "JVN",
"id": "JVNVU97763467",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020761",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-85520",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202211-3369",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-42796",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-85520"
},
{
"db": "VULMON",
"id": "CVE-2021-42796"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020761"
},
{
"db": "CNNVD",
"id": "CNNVD-202211-3369"
},
{
"db": "NVD",
"id": "CVE-2021-42796"
}
]
},
"id": "VAR-202211-1444",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-85520"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-85520"
}
]
},
"last_update_date": "2024-10-08T21:24:18.115000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "others (CWE-Other) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-020761"
},
{
"db": "NVD",
"id": "CVE-2021-42796"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01"
},
{
"trust": 1.8,
"url": "https://www.aveva.com/en/products/edge/"
},
{
"trust": 1.2,
"url": "https://www.auscert.org.au/bulletins/esb-2022.6114.2"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu97763467/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-42796"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-326-01"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-85520"
},
{
"db": "VULMON",
"id": "CVE-2021-42796"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020761"
},
{
"db": "CNNVD",
"id": "CNNVD-202211-3369"
},
{
"db": "NVD",
"id": "CVE-2021-42796"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-85520"
},
{
"db": "VULMON",
"id": "CVE-2021-42796"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020761"
},
{
"db": "CNNVD",
"id": "CNNVD-202211-3369"
},
{
"db": "NVD",
"id": "CVE-2021-42796"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-85520"
},
{
"date": "2024-01-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-020761"
},
{
"date": "2022-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202211-3369"
},
{
"date": "2023-12-16T01:15:07.540000",
"db": "NVD",
"id": "CVE-2021-42796"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-85520"
},
{
"date": "2024-01-16T01:38:00",
"db": "JVNDB",
"id": "JVNDB-2021-020761"
},
{
"date": "2022-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202211-3369"
},
{
"date": "2024-10-07T19:36:11.143000",
"db": "NVD",
"id": "CVE-2021-42796"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AVEVA\u00a0 of \u00a0edge\u00a0 Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-020761"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202211-3369"
}
],
"trust": 0.6
}
}
var-202211-1442
Vulnerability from variot
Path traversal vulnerability in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior allows an unauthenticated user to steal the Windows access token of the user account configured for accessing external DB resources. AVEVA of edge Exists in a past traversal vulnerability.Information may be obtained. AVEVA Edge is a highly scalable and flexible HMI/SCADA software from AVEVA.
There is an information disclosure vulnerability in AVEVA Edge 2020 R2
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202211-1442",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "edge",
"scope": "eq",
"trust": 1.8,
"vendor": "aveva",
"version": "2020"
},
{
"model": "edge",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "edge",
"scope": "eq",
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "edge",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "edge r2",
"scope": "eq",
"trust": 0.6,
"vendor": "aveva",
"version": "2020"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-86391"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020760"
},
{
"db": "NVD",
"id": "CVE-2021-42797"
}
]
},
"cve": "CVE-2021-42797",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-86391",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-42797",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-42797",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-42797",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-42797",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2022-86391",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202211-3370",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-86391"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020760"
},
{
"db": "CNNVD",
"id": "CNNVD-202211-3370"
},
{
"db": "NVD",
"id": "CVE-2021-42797"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Path traversal vulnerability in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior allows an unauthenticated user to steal the Windows access token of the user account configured for accessing external DB resources. AVEVA of edge Exists in a past traversal vulnerability.Information may be obtained. AVEVA Edge is a highly scalable and flexible HMI/SCADA software from AVEVA. \n\r\n\r\nThere is an information disclosure vulnerability in AVEVA Edge 2020 R2",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-42797"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020760"
},
{
"db": "CNVD",
"id": "CNVD-2022-86391"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-42797",
"trust": 3.9
},
{
"db": "ICS CERT",
"id": "ICSA-22-326-01",
"trust": 1.9
},
{
"db": "AUSCERT",
"id": "ESB-2022.6114.2",
"trust": 1.2
},
{
"db": "JVN",
"id": "JVNVU97763467",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020760",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-86391",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202211-3370",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-42797",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-86391"
},
{
"db": "VULMON",
"id": "CVE-2021-42797"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020760"
},
{
"db": "CNNVD",
"id": "CNNVD-202211-3370"
},
{
"db": "NVD",
"id": "CVE-2021-42797"
}
]
},
"id": "VAR-202211-1442",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-86391"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-86391"
}
]
},
"last_update_date": "2024-08-14T12:41:13.255000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.0
},
{
"problemtype": "Path traversal (CWE-22) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-020760"
},
{
"db": "NVD",
"id": "CVE-2021-42797"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01"
},
{
"trust": 1.8,
"url": "https://www.aveva.com/en/products/edge/"
},
{
"trust": 1.2,
"url": "https://www.auscert.org.au/bulletins/esb-2022.6114.2"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu97763467/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-42797"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-326-01"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-86391"
},
{
"db": "VULMON",
"id": "CVE-2021-42797"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020760"
},
{
"db": "CNNVD",
"id": "CNNVD-202211-3370"
},
{
"db": "NVD",
"id": "CVE-2021-42797"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-86391"
},
{
"db": "VULMON",
"id": "CVE-2021-42797"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020760"
},
{
"db": "CNNVD",
"id": "CNNVD-202211-3370"
},
{
"db": "NVD",
"id": "CVE-2021-42797"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-86391"
},
{
"date": "2024-01-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-020760"
},
{
"date": "2022-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202211-3370"
},
{
"date": "2023-12-16T01:15:07.587000",
"db": "NVD",
"id": "CVE-2021-42797"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-86391"
},
{
"date": "2024-01-16T01:38:00",
"db": "JVNDB",
"id": "JVNDB-2021-020760"
},
{
"date": "2022-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202211-3370"
},
{
"date": "2023-12-20T17:32:50.487000",
"db": "NVD",
"id": "CVE-2021-42797"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AVEVA\u00a0 of \u00a0edge\u00a0 Past traversal vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-020760"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202211-3370"
}
],
"trust": 0.6
}
}
var-202311-0502
Vulnerability from variot
This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine. batch management , communication drivers , edge etc. multiple AVEVA There are unspecified vulnerabilities in the product.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202311-0502",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "telemetry server",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020r2"
},
{
"model": "communication drivers",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "plant scada",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "batch management",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "enterprise licensing",
"scope": "lte",
"trust": 1.0,
"vendor": "aveva",
"version": "3.7.002"
},
{
"model": "recipe management",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "system platform",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "edge",
"scope": "lte",
"trust": 1.0,
"vendor": "aveva",
"version": "20.1.101"
},
{
"model": "manufacturing execution system",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "historian",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "mobile operator",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "batch management",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "intouch",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "work tasks",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "recipe management",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "historian",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "communication drivers",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "intouch",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "mobile operator",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "plant scada",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "work tasks",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "system platform",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "manufacturing execution system",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "intouch",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "mobile operator",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "enterprise licensing",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "telemetry server",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "communication drivers",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "system platform",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "batch management",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "recipe management",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "edge",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "historian",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "plant scada",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "work tasks",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "manufacturing execution system",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019213"
},
{
"db": "NVD",
"id": "CVE-2023-33873"
}
]
},
"cve": "CVE-2023-33873",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2023-33873",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-33873",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2023-33873",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ics-cert@hq.dhs.gov",
"id": "CVE-2023-33873",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-33873",
"trust": 0.8,
"value": "High"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019213"
},
{
"db": "NVD",
"id": "CVE-2023-33873"
},
{
"db": "NVD",
"id": "CVE-2023-33873"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "\nThis privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine. batch management , communication drivers , edge etc. multiple AVEVA There are unspecified vulnerabilities in the product.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-33873"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019213"
},
{
"db": "VULMON",
"id": "CVE-2023-33873"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-33873",
"trust": 2.7
},
{
"db": "ICS CERT",
"id": "ICSA-23-318-01",
"trust": 1.9
},
{
"db": "JVN",
"id": "JVNVU93965614",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019213",
"trust": 0.8
},
{
"db": "VULMON",
"id": "CVE-2023-33873",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-33873"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019213"
},
{
"db": "NVD",
"id": "CVE-2023-33873"
}
]
},
"id": "VAR-202311-0502",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.20625000500000001
},
"last_update_date": "2024-08-14T15:10:30.527000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-250",
"trust": 1.0
},
{
"problemtype": "others (CWE-Other) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019213"
},
{
"db": "NVD",
"id": "CVE-2023-33873"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01"
},
{
"trust": 1.9,
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu93965614/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-33873"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-33873"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019213"
},
{
"db": "NVD",
"id": "CVE-2023-33873"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2023-33873"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019213"
},
{
"db": "NVD",
"id": "CVE-2023-33873"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-15T00:00:00",
"db": "VULMON",
"id": "CVE-2023-33873"
},
{
"date": "2024-01-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-019213"
},
{
"date": "2023-11-15T17:15:41.313000",
"db": "NVD",
"id": "CVE-2023-33873"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-16T00:00:00",
"db": "VULMON",
"id": "CVE-2023-33873"
},
{
"date": "2024-01-12T05:53:00",
"db": "JVNDB",
"id": "JVNDB-2023-019213"
},
{
"date": "2023-12-08T17:27:53.197000",
"db": "NVD",
"id": "CVE-2023-33873"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0AVEVA\u00a0 Product vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019213"
}
],
"trust": 0.8
}
}
var-201503-0062
Vulnerability from variot
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 provide an HMI user interface that lists all valid usernames, which makes it easier for remote attackers to obtain access via a brute-force password-guessing attack. Schneider Electric InduSoft Web Studio and InTouch Machine Edition are both embedded HMI software packages from Schneider Electric, France. Attackers can exploit this issue to bypass the authentication mechanism and log in to another user's account. The following products are affected: InduSoft Web Studio 7.1.3.2 and prior. InTouch Machine Edition 7.1.3.2 and prior. This product provides HMI clients with read, write tag and event monitoring capabilities. The vulnerability stems from the fact that the HMI user interface provided by the program contains all valid user names
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201503-0062",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 1.2,
"vendor": "schneider electric",
"version": "7.1"
},
{
"model": "wonderware intouch 2014",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "7.1"
},
{
"model": "edge",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "7.1.3.4"
},
{
"model": "indusoft web studio",
"scope": "lt",
"trust": 0.8,
"vendor": "schneider electric",
"version": "7.1.3.4 sp3 patch 4"
},
{
"model": "intouch machine edition 2014",
"scope": "lt",
"trust": 0.8,
"vendor": "schneider electric",
"version": "7.1.3.4 sp3 patch 4"
},
{
"model": "electric indusoft web studio sp3 patch",
"scope": "lt",
"trust": 0.6,
"vendor": "schneider",
"version": "7.1.3.44"
},
{
"model": "electric intouch machine edition sp3 patch",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "2014(\u003c7.1.3.44)"
},
{
"model": "wonderware intouch 2014",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider electric",
"version": "7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "indusoft web studio",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware intouch 2014",
"version": "*"
},
{
"model": "intouch machine edition",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "20147.1.3.2"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.2"
},
{
"model": "indusoft web studio sp patch",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.434"
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1"
},
{
"db": "IVD",
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"db": "BID",
"id": "73386"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-616"
},
{
"db": "NVD",
"id": "CVE-2015-0997"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:schneider_electric:indusoft_web_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:wonderware_intouch_2014",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gleb Gritsai, Ilya Karpov, Kirill Nesterov, and Alisa Esage Shevcheckno",
"sources": [
{
"db": "BID",
"id": "73386"
}
],
"trust": 0.3
},
"cve": "CVE-2015-0997",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-0997",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-02058",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-78943",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-0997",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-0997",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-02058",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201503-616",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-78943",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1"
},
{
"db": "IVD",
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"db": "VULHUB",
"id": "VHN-78943"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-616"
},
{
"db": "NVD",
"id": "CVE-2015-0997"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 provide an HMI user interface that lists all valid usernames, which makes it easier for remote attackers to obtain access via a brute-force password-guessing attack. Schneider Electric InduSoft Web Studio and InTouch Machine Edition are both embedded HMI software packages from Schneider Electric, France. \nAttackers can exploit this issue to bypass the authentication mechanism and log in to another user\u0027s account. \nThe following products are affected:\nInduSoft Web Studio 7.1.3.2 and prior. \nInTouch Machine Edition 7.1.3.2 and prior. This product provides HMI clients with read, write tag and event monitoring capabilities. The vulnerability stems from the fact that the HMI user interface provided by the program contains all valid user names",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0997"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"db": "BID",
"id": "73386"
},
{
"db": "IVD",
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1"
},
{
"db": "IVD",
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-78943"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-0997",
"trust": 3.8
},
{
"db": "ICS CERT",
"id": "ICSA-15-085-01",
"trust": 2.8
},
{
"db": "SCHNEIDER",
"id": "SEVD-2015-054-01",
"trust": 2.3
},
{
"db": "SCHNEIDER",
"id": "SEVD-2015-054-02",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201503-616",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2015-02058",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001994",
"trust": 0.8
},
{
"db": "BID",
"id": "73386",
"trust": 0.4
},
{
"db": "IVD",
"id": "7D7F27C0-463F-11E9-8224-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "9A4B4F32-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-78943",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1"
},
{
"db": "IVD",
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"db": "VULHUB",
"id": "VHN-78943"
},
{
"db": "BID",
"id": "73386"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-616"
},
{
"db": "NVD",
"id": "CVE-2015-0997"
}
]
},
"id": "VAR-201503-0062",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1"
},
{
"db": "IVD",
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"db": "VULHUB",
"id": "VHN-78943"
}
],
"trust": 1.8657392000000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1"
},
{
"db": "IVD",
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02058"
}
]
},
"last_update_date": "2024-11-23T22:01:52.843000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "InTouch Machine Edition 2014 Vulnerabilities",
"trust": 0.8,
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02"
},
{
"title": "InduSoft Web Studi Vulnerabilities",
"trust": 0.8,
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01"
},
{
"title": "\\302\\240\\302\\240\\302\\240\\302\\240\\302\\240Patch for Schneider Electric InduSoft Web Studio and InTouch Machine Edition Information Disclosure Vulnerability (CNVD-2015-02058)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/56786"
},
{
"title": "IWS71.3.4",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54647"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-616"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78943"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"db": "NVD",
"id": "CVE-2015-0997"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-085-01"
},
{
"trust": 2.3,
"url": "http://download.schneider-electric.com/files?p_doc_ref=sevd-2015-054-01"
},
{
"trust": 1.7,
"url": "http://download.schneider-electric.com/files?p_doc_ref=sevd-2015-054-02"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0997"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0997"
},
{
"trust": 0.3,
"url": "http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"db": "VULHUB",
"id": "VHN-78943"
},
{
"db": "BID",
"id": "73386"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-616"
},
{
"db": "NVD",
"id": "CVE-2015-0997"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1"
},
{
"db": "IVD",
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"db": "VULHUB",
"id": "VHN-78943"
},
{
"db": "BID",
"id": "73386"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-616"
},
{
"db": "NVD",
"id": "CVE-2015-0997"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-31T00:00:00",
"db": "IVD",
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1"
},
{
"date": "2015-03-31T00:00:00",
"db": "IVD",
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2015-03-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"date": "2015-03-29T00:00:00",
"db": "VULHUB",
"id": "VHN-78943"
},
{
"date": "2015-03-26T00:00:00",
"db": "BID",
"id": "73386"
},
{
"date": "2015-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"date": "2015-03-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-616"
},
{
"date": "2015-03-29T10:59:06.647000",
"db": "NVD",
"id": "CVE-2015-0997"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-78943"
},
{
"date": "2015-03-26T00:00:00",
"db": "BID",
"id": "73386"
},
{
"date": "2015-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"date": "2021-05-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-616"
},
{
"date": "2024-11-21T02:24:06.437000",
"db": "NVD",
"id": "CVE-2015-0997"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-616"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerabilities that gain access",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-616"
}
],
"trust": 0.6
}
}
var-202311-0501
Vulnerability from variot
This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service. batch management , communication drivers , edge etc. multiple AVEVA The product contains a vulnerability related to externally controllable references to cross-domain resources.Information is tampered with and service operation is interrupted (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202311-0501",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "telemetry server",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020r2"
},
{
"model": "communication drivers",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "plant scada",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "batch management",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "enterprise licensing",
"scope": "lte",
"trust": 1.0,
"vendor": "aveva",
"version": "3.7.002"
},
{
"model": "recipe management",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "system platform",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "edge",
"scope": "lte",
"trust": 1.0,
"vendor": "aveva",
"version": "20.1.101"
},
{
"model": "manufacturing execution system",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "historian",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "mobile operator",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "batch management",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "intouch",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "work tasks",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "recipe management",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "historian",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "communication drivers",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "intouch",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "mobile operator",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "plant scada",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "work tasks",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "system platform",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "manufacturing execution system",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "intouch",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "mobile operator",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "enterprise licensing",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "telemetry server",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "communication drivers",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "system platform",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "batch management",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "recipe management",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "edge",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "historian",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "plant scada",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "work tasks",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "manufacturing execution system",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019212"
},
{
"db": "NVD",
"id": "CVE-2023-34982"
}
]
},
"cve": "CVE-2023-34982",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2023-34982",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "ics-cert@hq.dhs.gov",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2023-34982",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.1,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2023-34982",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2023-34982",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ics-cert@hq.dhs.gov",
"id": "CVE-2023-34982",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2023-34982",
"trust": 0.8,
"value": "High"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019212"
},
{
"db": "NVD",
"id": "CVE-2023-34982"
},
{
"db": "NVD",
"id": "CVE-2023-34982"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "\nThis external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service. batch management , communication drivers , edge etc. multiple AVEVA The product contains a vulnerability related to externally controllable references to cross-domain resources.Information is tampered with and service operation is interrupted (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-34982"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019212"
},
{
"db": "VULMON",
"id": "CVE-2023-34982"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-34982",
"trust": 2.7
},
{
"db": "ICS CERT",
"id": "ICSA-23-318-01",
"trust": 1.9
},
{
"db": "JVN",
"id": "JVNVU93965614",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019212",
"trust": 0.8
},
{
"db": "VULMON",
"id": "CVE-2023-34982",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-34982"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019212"
},
{
"db": "NVD",
"id": "CVE-2023-34982"
}
]
},
"id": "VAR-202311-0501",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.20625000500000001
},
"last_update_date": "2024-08-14T15:10:30.503000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-73",
"trust": 1.0
},
{
"problemtype": "CWE-610",
"trust": 1.0
},
{
"problemtype": "Externally controllable reference to another region resource (CWE-610) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019212"
},
{
"db": "NVD",
"id": "CVE-2023-34982"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01"
},
{
"trust": 1.9,
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu93965614/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-34982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-34982"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019212"
},
{
"db": "NVD",
"id": "CVE-2023-34982"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2023-34982"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019212"
},
{
"db": "NVD",
"id": "CVE-2023-34982"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-15T00:00:00",
"db": "VULMON",
"id": "CVE-2023-34982"
},
{
"date": "2024-01-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-019212"
},
{
"date": "2023-11-15T17:15:41.563000",
"db": "NVD",
"id": "CVE-2023-34982"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-16T00:00:00",
"db": "VULMON",
"id": "CVE-2023-34982"
},
{
"date": "2024-01-12T05:53:00",
"db": "JVNDB",
"id": "JVNDB-2023-019212"
},
{
"date": "2023-12-08T18:53:18.187000",
"db": "NVD",
"id": "CVE-2023-34982"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0AVEVA\u00a0 Vulnerability related to externally controllable references to other domain resources in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019212"
}
],
"trust": 0.8
}
}
var-201503-0064
Vulnerability from variot
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file. Schneider Electric InduSoft Web Studio and InTouch Machine Edition are both embedded HMI software packages from Schneider Electric, France. Multiple Schneider Electric products are prone to a local information-disclosure vulnerability. This product provides HMI clients with read, write tag and event monitoring capabilities
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201503-0064",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware intouch 2014",
"scope": "eq",
"trust": 1.2,
"vendor": "schneider electric",
"version": "7.1"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 1.2,
"vendor": "schneider electric",
"version": "7.1"
},
{
"model": "edge",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "7.1.3.4"
},
{
"model": "wonderware intouch 2014",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "7.1.3.4"
},
{
"model": "indusoft web studio",
"scope": "lt",
"trust": 0.8,
"vendor": "schneider electric",
"version": "7.1.3.4 sp3 patch 4"
},
{
"model": "intouch machine edition 2014",
"scope": "lt",
"trust": 0.8,
"vendor": "schneider electric",
"version": "7.1.3.4 sp3 patch 4"
},
{
"model": "electric indusoft web studio sp3 patch",
"scope": "lt",
"trust": 0.6,
"vendor": "schneider",
"version": "7.1.3.44"
},
{
"model": "electric intouch machine edition sp3 patch",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "2014(\u003c7.1.3.44)"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "indusoft web studio",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware intouch 2014",
"version": "*"
},
{
"model": "intouch machine edition",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "20147.1.3.2"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.2"
},
{
"model": "indusoft web studio sp patch",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.434"
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1"
},
{
"db": "IVD",
"id": "9a39670e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"db": "BID",
"id": "73389"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-618"
},
{
"db": "NVD",
"id": "CVE-2015-0999"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:schneider_electric:indusoft_web_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:wonderware_intouch_2014",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gleb Gritsai, Ilya Karpov, and Kirill Nesterov of Positive Technologies Security Lab and Alisa Esage Shevcheckno",
"sources": [
{
"db": "BID",
"id": "73389"
}
],
"trust": 0.3
},
"cve": "CVE-2015-0999",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2015-0999",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2015-02056",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "9a39670e-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-78945",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-0999",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2015-0999",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNVD",
"id": "CNVD-2015-02056",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201503-618",
"trust": 0.6,
"value": "LOW"
},
{
"author": "IVD",
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1",
"trust": 0.2,
"value": "LOW"
},
{
"author": "IVD",
"id": "9a39670e-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-78945",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1"
},
{
"db": "IVD",
"id": "9a39670e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"db": "VULHUB",
"id": "VHN-78945"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-618"
},
{
"db": "NVD",
"id": "CVE-2015-0999"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file. Schneider Electric InduSoft Web Studio and InTouch Machine Edition are both embedded HMI software packages from Schneider Electric, France. Multiple Schneider Electric products are prone to a local information-disclosure vulnerability. This product provides HMI clients with read, write tag and event monitoring capabilities",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0999"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"db": "BID",
"id": "73389"
},
{
"db": "IVD",
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1"
},
{
"db": "IVD",
"id": "9a39670e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-78945"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-0999",
"trust": 3.8
},
{
"db": "ICS CERT",
"id": "ICSA-15-085-01",
"trust": 2.8
},
{
"db": "SCHNEIDER",
"id": "SEVD-2015-054-01",
"trust": 2.3
},
{
"db": "SCHNEIDER",
"id": "SEVD-2015-054-02",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201503-618",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2015-02056",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001996",
"trust": 0.8
},
{
"db": "BID",
"id": "73389",
"trust": 0.4
},
{
"db": "IVD",
"id": "7D7F27C2-463F-11E9-8462-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "9A39670E-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-78945",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1"
},
{
"db": "IVD",
"id": "9a39670e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"db": "VULHUB",
"id": "VHN-78945"
},
{
"db": "BID",
"id": "73389"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-618"
},
{
"db": "NVD",
"id": "CVE-2015-0999"
}
]
},
"id": "VAR-201503-0064",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1"
},
{
"db": "IVD",
"id": "9a39670e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"db": "VULHUB",
"id": "VHN-78945"
}
],
"trust": 1.8657392000000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1"
},
{
"db": "IVD",
"id": "9a39670e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02056"
}
]
},
"last_update_date": "2024-11-23T22:01:52.798000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "InduSoft Web Studio Vulnerabilities",
"trust": 0.8,
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01"
},
{
"title": "InTouch Machine Edition 2014 Vulnerabilities",
"trust": 0.8,
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02"
},
{
"title": "Patch for Schneider Electric InduSoft Web Studio and InTouch Machine Edition Information Disclosure Vulnerability (CNVD-2015-02056)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/56788"
},
{
"title": "IWS71.3.4",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54647"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-618"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78945"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"db": "NVD",
"id": "CVE-2015-0999"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-085-01"
},
{
"trust": 2.3,
"url": "http://download.schneider-electric.com/files?p_doc_ref=sevd-2015-054-01"
},
{
"trust": 1.7,
"url": "http://download.schneider-electric.com/files?p_doc_ref=sevd-2015-054-02"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0999"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0999"
},
{
"trust": 0.3,
"url": "http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"db": "VULHUB",
"id": "VHN-78945"
},
{
"db": "BID",
"id": "73389"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-618"
},
{
"db": "NVD",
"id": "CVE-2015-0999"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1"
},
{
"db": "IVD",
"id": "9a39670e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"db": "VULHUB",
"id": "VHN-78945"
},
{
"db": "BID",
"id": "73389"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-618"
},
{
"db": "NVD",
"id": "CVE-2015-0999"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-31T00:00:00",
"db": "IVD",
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1"
},
{
"date": "2015-03-31T00:00:00",
"db": "IVD",
"id": "9a39670e-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2015-03-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"date": "2015-03-29T00:00:00",
"db": "VULHUB",
"id": "VHN-78945"
},
{
"date": "2015-03-26T00:00:00",
"db": "BID",
"id": "73389"
},
{
"date": "2015-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"date": "2015-03-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-618"
},
{
"date": "2015-03-29T10:59:08.477000",
"db": "NVD",
"id": "CVE-2015-0999"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-78945"
},
{
"date": "2015-03-26T00:00:00",
"db": "BID",
"id": "73389"
},
{
"date": "2015-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"date": "2021-05-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-618"
},
{
"date": "2024-11-21T02:24:06.687000",
"db": "NVD",
"id": "CVE-2015-0999"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "73389"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-618"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric InduSoft Web Studio Vulnerability in which important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-618"
}
],
"trust": 0.6
}
}
var-201503-0061
Vulnerability from variot
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 rely on a hardcoded cleartext password to control read access to Project files and Project Configuration files, which makes it easier for local users to obtain sensitive information by discovering this password. Schneider Electric InduSoft Web Studio and InTouch Machine Edition are both embedded HMI software packages from Schneider Electric, France. Read access. A local attacker could exploit this vulnerability to obtain sensitive information by discovering passwords. Schneider Electric Products are prone to multiple local information-disclosure vulnerabilities. This may aid in further attacks. This product provides HMI clients with read, write tag and event monitoring capabilities
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201503-0061",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware intouch 2014",
"scope": "eq",
"trust": 1.2,
"vendor": "schneider electric",
"version": "7.1"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 1.2,
"vendor": "schneider electric",
"version": "7.1"
},
{
"model": "edge",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "7.1.3.4"
},
{
"model": "wonderware intouch 2014",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "7.1.3.4"
},
{
"model": "indusoft web studio",
"scope": "lt",
"trust": 0.8,
"vendor": "schneider electric",
"version": "7.1.3.4 sp3 patch 4"
},
{
"model": "intouch machine edition 2014",
"scope": "lt",
"trust": 0.8,
"vendor": "schneider electric",
"version": "7.1.3.4 sp3 patch 4"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "indusoft web studio",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wonderware intouch 2014",
"version": "*"
},
{
"model": "electric indusoft web studio sp3 patch",
"scope": "lt",
"trust": 0.6,
"vendor": "schneider",
"version": "7.1.3.44"
},
{
"model": "electric intouch machine edition sp3 patch",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "2014(\u003c7.1.3.44)"
},
{
"model": "intouch machine edition",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "20147.1.3.2"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.2"
},
{
"model": "indusoft web studio sp patch",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.434"
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f00b1-463f-11e9-9603-000c29342cb1"
},
{
"db": "IVD",
"id": "9a491a14-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9ca039b4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02059"
},
{
"db": "BID",
"id": "73387"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001993"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-615"
},
{
"db": "NVD",
"id": "CVE-2015-0996"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:schneider_electric:indusoft_web_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:wonderware_intouch_2014",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001993"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gleb Gritsai, Ilya Karpov, and Kirill Nesterov of Positive Technologies.",
"sources": [
{
"db": "BID",
"id": "73387"
}
],
"trust": 0.3
},
"cve": "CVE-2015-0996",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2015-0996",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2015-02059",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "7d7f00b1-463f-11e9-9603-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "9a491a14-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "9ca039b4-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-78942",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-0996",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2015-0996",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNVD",
"id": "CNVD-2015-02059",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201503-615",
"trust": 0.6,
"value": "LOW"
},
{
"author": "IVD",
"id": "7d7f00b1-463f-11e9-9603-000c29342cb1",
"trust": 0.2,
"value": "LOW"
},
{
"author": "IVD",
"id": "9a491a14-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
},
{
"author": "IVD",
"id": "9ca039b4-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-78942",
"trust": 0.1,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2015-0996",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f00b1-463f-11e9-9603-000c29342cb1"
},
{
"db": "IVD",
"id": "9a491a14-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9ca039b4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02059"
},
{
"db": "VULHUB",
"id": "VHN-78942"
},
{
"db": "VULMON",
"id": "CVE-2015-0996"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001993"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-615"
},
{
"db": "NVD",
"id": "CVE-2015-0996"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 rely on a hardcoded cleartext password to control read access to Project files and Project Configuration files, which makes it easier for local users to obtain sensitive information by discovering this password. Schneider Electric InduSoft Web Studio and InTouch Machine Edition are both embedded HMI software packages from Schneider Electric, France. Read access. A local attacker could exploit this vulnerability to obtain sensitive information by discovering passwords. Schneider Electric Products are prone to multiple local information-disclosure vulnerabilities. This may aid in further attacks. This product provides HMI clients with read, write tag and event monitoring capabilities",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0996"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001993"
},
{
"db": "CNVD",
"id": "CNVD-2015-02059"
},
{
"db": "BID",
"id": "73387"
},
{
"db": "IVD",
"id": "7d7f00b1-463f-11e9-9603-000c29342cb1"
},
{
"db": "IVD",
"id": "9a491a14-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9ca039b4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-78942"
},
{
"db": "VULMON",
"id": "CVE-2015-0996"
}
],
"trust": 3.15
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-0996",
"trust": 4.1
},
{
"db": "ICS CERT",
"id": "ICSA-15-085-01",
"trust": 2.9
},
{
"db": "SCHNEIDER",
"id": "SEVD-2015-054-02",
"trust": 2.4
},
{
"db": "SCHNEIDER",
"id": "SEVD-2015-054-01",
"trust": 1.8
},
{
"db": "CNNVD",
"id": "CNNVD-201503-615",
"trust": 1.3
},
{
"db": "CNVD",
"id": "CNVD-2015-02059",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001993",
"trust": 0.8
},
{
"db": "BID",
"id": "73387",
"trust": 0.4
},
{
"db": "IVD",
"id": "7D7F00B1-463F-11E9-9603-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "9A491A14-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "9CA039B4-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-78942",
"trust": 0.1
},
{
"db": "ICS CERT",
"id": "ICSA-15-085-01A",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-0996",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f00b1-463f-11e9-9603-000c29342cb1"
},
{
"db": "IVD",
"id": "9a491a14-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9ca039b4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02059"
},
{
"db": "VULHUB",
"id": "VHN-78942"
},
{
"db": "VULMON",
"id": "CVE-2015-0996"
},
{
"db": "BID",
"id": "73387"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001993"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-615"
},
{
"db": "NVD",
"id": "CVE-2015-0996"
}
]
},
"id": "VAR-201503-0061",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7f00b1-463f-11e9-9603-000c29342cb1"
},
{
"db": "IVD",
"id": "9a491a14-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9ca039b4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02059"
},
{
"db": "VULHUB",
"id": "VHN-78942"
}
],
"trust": 2.0657392
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.2
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f00b1-463f-11e9-9603-000c29342cb1"
},
{
"db": "IVD",
"id": "9a491a14-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9ca039b4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02059"
}
]
},
"last_update_date": "2024-11-23T22:01:52.696000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "InTouch Machine Edition 2014 Vulnerabilities",
"trust": 0.8,
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02"
},
{
"title": "InduSoft Web Studi Vulnerabilities",
"trust": 0.8,
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01"
},
{
"title": "Patch for Schneider Electric InduSoft Web Studio and InTouch Machine Edition Information Disclosure Vulnerability (CNVD-2015-02059)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/56785"
},
{
"title": "IWS71.3.4",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54647"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02059"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001993"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-615"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78942"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001993"
},
{
"db": "NVD",
"id": "CVE-2015-0996"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-085-01"
},
{
"trust": 2.4,
"url": "http://download.schneider-electric.com/files?p_doc_ref=sevd-2015-054-02"
},
{
"trust": 1.8,
"url": "http://download.schneider-electric.com/files?p_doc_ref=sevd-2015-054-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0996"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0996"
},
{
"trust": 0.3,
"url": "http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=38083"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-085-01a"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02059"
},
{
"db": "VULHUB",
"id": "VHN-78942"
},
{
"db": "VULMON",
"id": "CVE-2015-0996"
},
{
"db": "BID",
"id": "73387"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001993"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-615"
},
{
"db": "NVD",
"id": "CVE-2015-0996"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d7f00b1-463f-11e9-9603-000c29342cb1"
},
{
"db": "IVD",
"id": "9a491a14-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9ca039b4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02059"
},
{
"db": "VULHUB",
"id": "VHN-78942"
},
{
"db": "VULMON",
"id": "CVE-2015-0996"
},
{
"db": "BID",
"id": "73387"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001993"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-615"
},
{
"db": "NVD",
"id": "CVE-2015-0996"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-31T00:00:00",
"db": "IVD",
"id": "7d7f00b1-463f-11e9-9603-000c29342cb1"
},
{
"date": "2015-03-31T00:00:00",
"db": "IVD",
"id": "9a491a14-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2015-03-31T00:00:00",
"db": "IVD",
"id": "9ca039b4-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2015-03-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-02059"
},
{
"date": "2015-03-29T00:00:00",
"db": "VULHUB",
"id": "VHN-78942"
},
{
"date": "2015-03-29T00:00:00",
"db": "VULMON",
"id": "CVE-2015-0996"
},
{
"date": "2015-03-26T00:00:00",
"db": "BID",
"id": "73387"
},
{
"date": "2015-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001993"
},
{
"date": "2015-03-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-615"
},
{
"date": "2015-03-29T10:59:05.383000",
"db": "NVD",
"id": "CVE-2015-0996"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-02059"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-78942"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2015-0996"
},
{
"date": "2015-03-26T00:00:00",
"db": "BID",
"id": "73387"
},
{
"date": "2015-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001993"
},
{
"date": "2021-05-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-615"
},
{
"date": "2024-11-21T02:24:06.317000",
"db": "NVD",
"id": "CVE-2015-0996"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-615"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerability in which important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001993"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Information leakage",
"sources": [
{
"db": "IVD",
"id": "7d7f00b1-463f-11e9-9603-000c29342cb1"
},
{
"db": "IVD",
"id": "9a491a14-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9ca039b4-2351-11e6-abef-000c29c66e3d"
}
],
"trust": 0.6
}
}
var-201503-0063
Vulnerability from variot
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 transmit cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network. A remote attacker can exploit the vulnerability to gain sensitive information by sniffing the network. The following products are affected: InduSoft Web Studio 7.1.3.2 and prior. InTouch Machine Edition 7.1.3.2 and prior. This product provides HMI clients with read, write tag and event monitoring capabilities. The vulnerability is caused by the programs transmitting plaintext certificates
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201503-0063",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware intouch 2014",
"scope": "eq",
"trust": 1.2,
"vendor": "schneider electric",
"version": "7.1"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 1.2,
"vendor": "schneider electric",
"version": "7.1"
},
{
"model": "edge",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "7.1.3.4"
},
{
"model": "wonderware intouch 2014",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "7.1.3.4"
},
{
"model": "indusoft web studio",
"scope": "lt",
"trust": 0.8,
"vendor": "schneider electric",
"version": "7.1.3.4 sp3 patch 4"
},
{
"model": "intouch machine edition 2014",
"scope": "lt",
"trust": 0.8,
"vendor": "schneider electric",
"version": "7.1.3.4 sp3 patch 4"
},
{
"model": "electric indusoft web studio sp3 patch",
"scope": "lt",
"trust": 0.6,
"vendor": "schneider",
"version": "7.1.3.44"
},
{
"model": "electric intouch machine edition sp3 patch",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "2014(\u003c7.1.3.44)"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "indusoft web studio",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware intouch 2014",
"version": "*"
},
{
"model": "intouch machine edition",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "20147.1.3.2"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.2"
},
{
"model": "indusoft web studio sp patch",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.434"
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c1-463f-11e9-81a1-000c29342cb1"
},
{
"db": "IVD",
"id": "9a355f92-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02057"
},
{
"db": "BID",
"id": "73378"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001995"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-617"
},
{
"db": "NVD",
"id": "CVE-2015-0998"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:schneider_electric:indusoft_web_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:wonderware_intouch_2014",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001995"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gleb Gritsai, Ilya Karpov, and Kirill Nesterov of Positive Technologies Security Lab and Alisa Esage Shevcheckno",
"sources": [
{
"db": "BID",
"id": "73378"
}
],
"trust": 0.3
},
"cve": "CVE-2015-0998",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2015-0998",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2015-02057",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "7d7f27c1-463f-11e9-81a1-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "9a355f92-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "VHN-78944",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-0998",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2015-0998",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNVD",
"id": "CNVD-2015-02057",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201503-617",
"trust": 0.6,
"value": "LOW"
},
{
"author": "IVD",
"id": "7d7f27c1-463f-11e9-81a1-000c29342cb1",
"trust": 0.2,
"value": "LOW"
},
{
"author": "IVD",
"id": "9a355f92-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-78944",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c1-463f-11e9-81a1-000c29342cb1"
},
{
"db": "IVD",
"id": "9a355f92-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02057"
},
{
"db": "VULHUB",
"id": "VHN-78944"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001995"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-617"
},
{
"db": "NVD",
"id": "CVE-2015-0998"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 transmit cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network. A remote attacker can exploit the vulnerability to gain sensitive information by sniffing the network. \nThe following products are affected:\nInduSoft Web Studio 7.1.3.2 and prior. \nInTouch Machine Edition 7.1.3.2 and prior. This product provides HMI clients with read, write tag and event monitoring capabilities. The vulnerability is caused by the programs transmitting plaintext certificates",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0998"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001995"
},
{
"db": "CNVD",
"id": "CNVD-2015-02057"
},
{
"db": "BID",
"id": "73378"
},
{
"db": "IVD",
"id": "7d7f27c1-463f-11e9-81a1-000c29342cb1"
},
{
"db": "IVD",
"id": "9a355f92-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-78944"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-0998",
"trust": 3.8
},
{
"db": "ICS CERT",
"id": "ICSA-15-085-01",
"trust": 2.8
},
{
"db": "SCHNEIDER",
"id": "SEVD-2015-054-02",
"trust": 2.3
},
{
"db": "SCHNEIDER",
"id": "SEVD-2015-054-01",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201503-617",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2015-02057",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001995",
"trust": 0.8
},
{
"db": "BID",
"id": "73378",
"trust": 0.4
},
{
"db": "IVD",
"id": "7D7F27C1-463F-11E9-81A1-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "9A355F92-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-78944",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c1-463f-11e9-81a1-000c29342cb1"
},
{
"db": "IVD",
"id": "9a355f92-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02057"
},
{
"db": "VULHUB",
"id": "VHN-78944"
},
{
"db": "BID",
"id": "73378"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001995"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-617"
},
{
"db": "NVD",
"id": "CVE-2015-0998"
}
]
},
"id": "VAR-201503-0063",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7f27c1-463f-11e9-81a1-000c29342cb1"
},
{
"db": "IVD",
"id": "9a355f92-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02057"
},
{
"db": "VULHUB",
"id": "VHN-78944"
}
],
"trust": 1.8657392000000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c1-463f-11e9-81a1-000c29342cb1"
},
{
"db": "IVD",
"id": "9a355f92-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02057"
}
]
},
"last_update_date": "2024-11-23T22:01:52.754000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "InTouch Machine Edition 2014 Vulnerabilities",
"trust": 0.8,
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02"
},
{
"title": "InduSoft Web Studi Vulnerabilities",
"trust": 0.8,
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01"
},
{
"title": "\\302\\240\\302\\240\\302\\240\\302\\240\\302\\240Patch for Schneider Electric InduSoft Web Studio and InTouch Machine Edition Information Disclosure Vulnerability (CNVD-2015-02057)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/56787"
},
{
"title": "IWS71.3.4",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54647"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02057"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001995"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-617"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78944"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001995"
},
{
"db": "NVD",
"id": "CVE-2015-0998"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-085-01"
},
{
"trust": 2.3,
"url": "http://download.schneider-electric.com/files?p_doc_ref=sevd-2015-054-02"
},
{
"trust": 1.7,
"url": "http://download.schneider-electric.com/files?p_doc_ref=sevd-2015-054-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0998"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0998"
},
{
"trust": 0.3,
"url": "http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02057"
},
{
"db": "VULHUB",
"id": "VHN-78944"
},
{
"db": "BID",
"id": "73378"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001995"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-617"
},
{
"db": "NVD",
"id": "CVE-2015-0998"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d7f27c1-463f-11e9-81a1-000c29342cb1"
},
{
"db": "IVD",
"id": "9a355f92-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02057"
},
{
"db": "VULHUB",
"id": "VHN-78944"
},
{
"db": "BID",
"id": "73378"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001995"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-617"
},
{
"db": "NVD",
"id": "CVE-2015-0998"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-31T00:00:00",
"db": "IVD",
"id": "7d7f27c1-463f-11e9-81a1-000c29342cb1"
},
{
"date": "2015-03-31T00:00:00",
"db": "IVD",
"id": "9a355f92-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2015-03-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-02057"
},
{
"date": "2015-03-29T00:00:00",
"db": "VULHUB",
"id": "VHN-78944"
},
{
"date": "2015-03-26T00:00:00",
"db": "BID",
"id": "73378"
},
{
"date": "2015-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001995"
},
{
"date": "2015-03-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-617"
},
{
"date": "2015-03-29T10:59:07.460000",
"db": "NVD",
"id": "CVE-2015-0998"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-02057"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-78944"
},
{
"date": "2015-03-26T00:00:00",
"db": "BID",
"id": "73378"
},
{
"date": "2015-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001995"
},
{
"date": "2021-05-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-617"
},
{
"date": "2024-11-21T02:24:06.567000",
"db": "NVD",
"id": "CVE-2015-0998"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-617"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerability in which important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001995"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-617"
}
],
"trust": 0.6
}
}
var-202211-1443
Vulnerability from variot
An issue was discovered in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior. The application allows a client to provide a malicious connection string that could allow an adversary to port scan the LAN, depending on the hosts' responses. AVEVA of edge Exists in unspecified vulnerabilities.Information may be obtained.
AVEVA Edge 2020 R and its previous versions have a DLL hijacking vulnerability, which may affect the confidentiality, availability, or integrity of the system. There are currently no vulnerability details
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202211-1443",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "edge",
"scope": "eq",
"trust": 1.8,
"vendor": "aveva",
"version": "2020"
},
{
"model": "edge",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "2020"
},
{
"model": "edge",
"scope": "eq",
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "edge",
"scope": null,
"trust": 0.8,
"vendor": "aveva",
"version": null
},
{
"model": "edge r2",
"scope": "lte",
"trust": 0.6,
"vendor": "aveva",
"version": "\u003c=2020"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-85519"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020762"
},
{
"db": "NVD",
"id": "CVE-2021-42794"
}
]
},
"cve": "CVE-2021-42794",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-85519",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2021-42794",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2021-42794",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-42794",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-42794",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-42794",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2022-85519",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202211-3365",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-85519"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020762"
},
{
"db": "CNNVD",
"id": "CNNVD-202211-3365"
},
{
"db": "NVD",
"id": "CVE-2021-42794"
},
{
"db": "NVD",
"id": "CVE-2021-42794"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior. The application allows a client to provide a malicious connection string that could allow an adversary to port scan the LAN, depending on the hosts\u0027 responses. AVEVA of edge Exists in unspecified vulnerabilities.Information may be obtained. \n\r\n\r\nAVEVA Edge 2020 R and its previous versions have a DLL hijacking vulnerability, which may affect the confidentiality, availability, or integrity of the system. There are currently no vulnerability details",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-42794"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020762"
},
{
"db": "CNVD",
"id": "CNVD-2022-85519"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-42794",
"trust": 3.9
},
{
"db": "ICS CERT",
"id": "ICSA-22-326-01",
"trust": 1.9
},
{
"db": "AUSCERT",
"id": "ESB-2022.6114.2",
"trust": 1.2
},
{
"db": "JVN",
"id": "JVNVU97763467",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020762",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-85519",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202211-3365",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-42794",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-85519"
},
{
"db": "VULMON",
"id": "CVE-2021-42794"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020762"
},
{
"db": "CNNVD",
"id": "CNNVD-202211-3365"
},
{
"db": "NVD",
"id": "CVE-2021-42794"
}
]
},
"id": "VAR-202211-1443",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-85519"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-85519"
}
]
},
"last_update_date": "2024-08-14T12:37:32.967000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-020762"
},
{
"db": "NVD",
"id": "CVE-2021-42794"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01"
},
{
"trust": 1.8,
"url": "https://www.aveva.com/en/products/edge/"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/docs/english/17254-connection-string-parameter-pollution-attacks.pdf"
},
{
"trust": 1.2,
"url": "https://www.auscert.org.au/bulletins/esb-2022.6114.2"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu97763467/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-42794"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-326-01"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-85519"
},
{
"db": "VULMON",
"id": "CVE-2021-42794"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020762"
},
{
"db": "CNNVD",
"id": "CNNVD-202211-3365"
},
{
"db": "NVD",
"id": "CVE-2021-42794"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-85519"
},
{
"db": "VULMON",
"id": "CVE-2021-42794"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020762"
},
{
"db": "CNNVD",
"id": "CNNVD-202211-3365"
},
{
"db": "NVD",
"id": "CVE-2021-42794"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-85519"
},
{
"date": "2024-01-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-020762"
},
{
"date": "2022-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202211-3365"
},
{
"date": "2023-12-16T01:15:07.367000",
"db": "NVD",
"id": "CVE-2021-42794"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-85519"
},
{
"date": "2024-01-16T01:38:00",
"db": "JVNDB",
"id": "JVNDB-2021-020762"
},
{
"date": "2022-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202211-3365"
},
{
"date": "2023-12-20T16:16:11.980000",
"db": "NVD",
"id": "CVE-2021-42794"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AVEVA\u00a0 of \u00a0edge\u00a0 Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-020762"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202211-3365"
}
],
"trust": 0.6
}
}
var-201811-0104
Vulnerability from variot
InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. This vulnerability could allow an unauthenticated user to remotely execute code with the same privileges as that of the InduSoft Web Studio or InTouch Edge HMI (formerly InTouch Machine Edition) runtime. The product provides read, write tag and event monitoring for HMI clients. A remote attacker could exploit the vulnerability to execute code. A stack-based buffer overflow vulnerability 2. Failed exploit attempts will likely cause a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0104",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": "eq",
"trust": 2.6,
"vendor": "indusoft web studio",
"version": "7.1"
},
{
"model": null,
"scope": "eq",
"trust": 1.6,
"vendor": "indusoft web studio",
"version": "8.0"
},
{
"model": "intouch machine edition 2014",
"scope": "eq",
"trust": 1.6,
"vendor": "aveva",
"version": "r2"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 1.6,
"vendor": "aveva",
"version": "8.1"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 1.6,
"vendor": "aveva",
"version": "8.0"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "7.1"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "6.1"
},
{
"model": "edge",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "indusoft web studio",
"version": "8.1"
},
{
"model": "indusoft web studio",
"scope": "lt",
"trust": 0.8,
"vendor": "aveva",
"version": "8.1 sp2"
},
{
"model": "intouch edge hmi",
"scope": "lt",
"trust": 0.8,
"vendor": "aveva",
"version": "2017 sp2"
},
{
"model": "intouch machine edition 2014",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "electric indusoft web studio sp2",
"scope": "lt",
"trust": 0.6,
"vendor": "schneider",
"version": "8.1"
},
{
"model": "electric intouch edge hmiintouch machine edition sp2",
"scope": "lt",
"trust": 0.6,
"vendor": "schneider",
"version": "2017"
},
{
"model": "intouch edge hmi",
"scope": "eq",
"trust": 0.6,
"vendor": "aveva",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "indusoft web studio",
"version": "6.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "intouch edge hmi",
"version": "8.1"
},
{
"model": "intouch edge hmi",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "2017"
},
{
"model": "indusoft web studio sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "8.1"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "8.1"
},
{
"model": "indusoft web studio sp2 patch",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "8.01"
},
{
"model": "indusoft web studio sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "8.0"
},
{
"model": "indusoft web studio patch",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.55"
},
{
"model": "indusoft web studio sp patch",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.434"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.4"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.2"
},
{
"model": "intouch edge hmi sp2",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "2017"
},
{
"model": "indusoft web studio sp2",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "8.1"
},
{
"model": "r2",
"scope": null,
"trust": 0.2,
"vendor": "intouch machine edition 2014",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "7d867ac0-463f-11e9-84dd-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2019-05107"
},
{
"db": "BID",
"id": "106015"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012385"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-020"
},
{
"db": "NVD",
"id": "CVE-2018-17914"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:aveva:indusoft_web_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:aveva:intouch_edge_hmi",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:wonderware_intouch_2014",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012385"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tenable",
"sources": [
{
"db": "BID",
"id": "106015"
}
],
"trust": 0.3
},
"cve": "CVE-2018-17914",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-17914",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-05107",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "7d867ac0-463f-11e9-84dd-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-17914",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-17914",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-17914",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-17914",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2019-05107",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-020",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "7d867ac0-463f-11e9-84dd-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2018-17914",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d867ac0-463f-11e9-84dd-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2019-05107"
},
{
"db": "VULMON",
"id": "CVE-2018-17914"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012385"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-020"
},
{
"db": "NVD",
"id": "CVE-2018-17914"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. This vulnerability could allow an unauthenticated user to remotely execute code with the same privileges as that of the InduSoft Web Studio or InTouch Edge HMI (formerly InTouch Machine Edition) runtime. The product provides read, write tag and event monitoring for HMI clients. A remote attacker could exploit the vulnerability to execute code. A stack-based buffer overflow vulnerability\n2. Failed exploit attempts will likely cause a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-17914"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012385"
},
{
"db": "CNVD",
"id": "CNVD-2019-05107"
},
{
"db": "BID",
"id": "106015"
},
{
"db": "IVD",
"id": "7d867ac0-463f-11e9-84dd-000c29342cb1"
},
{
"db": "VULMON",
"id": "CVE-2018-17914"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-17914",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-18-305-01",
"trust": 3.4
},
{
"db": "TENABLE",
"id": "TRA-2018-34",
"trust": 1.7
},
{
"db": "CNVD",
"id": "CNVD-2019-05107",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-020",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012385",
"trust": 0.8
},
{
"db": "BID",
"id": "106015",
"trust": 0.3
},
{
"db": "IVD",
"id": "7D867AC0-463F-11E9-84DD-000C29342CB1",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2018-17914",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d867ac0-463f-11e9-84dd-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2019-05107"
},
{
"db": "VULMON",
"id": "CVE-2018-17914"
},
{
"db": "BID",
"id": "106015"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012385"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-020"
},
{
"db": "NVD",
"id": "CVE-2018-17914"
}
]
},
"id": "VAR-201811-0104",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d867ac0-463f-11e9-84dd-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2019-05107"
}
],
"trust": 1.61431685
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "7d867ac0-463f-11e9-84dd-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2019-05107"
}
]
},
"last_update_date": "2024-11-23T22:12:17.833000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "AVEVA Security Bulletin LFSEC00000130",
"trust": 0.8,
"url": "https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec130.pdf"
},
{
"title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "https://www.se.com/jp/ja/"
},
{
"title": "Patch for Schneider Electric InduSoft Web Studio and InTouch Edge HMI Code Execution Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/154315"
},
{
"title": "Schneider Electric InduSoft Web Studio and InTouch Edge HMI Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86566"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-05107"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012385"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-020"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-258",
"trust": 1.0
},
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012385"
},
{
"db": "NVD",
"id": "CVE-2018-17914"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-305-01"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/research/tra-2018-34"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-17914"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-17914"
},
{
"trust": 0.3,
"url": "http://www.indusoft.com/indusoftart.php?catid=1\u0026name=iws/webstudio"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-05107"
},
{
"db": "VULMON",
"id": "CVE-2018-17914"
},
{
"db": "BID",
"id": "106015"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012385"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-020"
},
{
"db": "NVD",
"id": "CVE-2018-17914"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d867ac0-463f-11e9-84dd-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2019-05107"
},
{
"db": "VULMON",
"id": "CVE-2018-17914"
},
{
"db": "BID",
"id": "106015"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012385"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-020"
},
{
"db": "NVD",
"id": "CVE-2018-17914"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-24T00:00:00",
"db": "IVD",
"id": "7d867ac0-463f-11e9-84dd-000c29342cb1"
},
{
"date": "2019-02-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-05107"
},
{
"date": "2018-11-02T00:00:00",
"db": "VULMON",
"id": "CVE-2018-17914"
},
{
"date": "2018-11-01T00:00:00",
"db": "BID",
"id": "106015"
},
{
"date": "2019-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012385"
},
{
"date": "2018-11-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-020"
},
{
"date": "2018-11-02T13:29:00.230000",
"db": "NVD",
"id": "CVE-2018-17914"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-05107"
},
{
"date": "2021-04-08T00:00:00",
"db": "VULMON",
"id": "CVE-2018-17914"
},
{
"date": "2018-11-01T00:00:00",
"db": "BID",
"id": "106015"
},
{
"date": "2019-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012385"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-020"
},
{
"date": "2024-11-21T03:55:11.897000",
"db": "NVD",
"id": "CVE-2018-17914"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-020"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "InduSoft Web Studio and InTouch Edge HMI Vulnerabilities related to authorization, permissions, and access control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012385"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-020"
}
],
"trust": 0.6
}
}
var-201811-0105
Vulnerability from variot
InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. A remote attacker could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for code to be executed. If InduSoft Web Studio remote communication security was not enabled, or a password was left blank, a remote user could send a carefully crafted packet to invoke an arbitrary process, with potential for code to be executed. The code would be executed under the privileges of the InduSoft Web Studio or InTouch Edge HMI runtime and could lead to a compromise of the InduSoft Web Studio or InTouch Edge HMI server machine. The product provides read, write tags and event monitoring functions for HMI clients. An attacker could use this vulnerability to execute code. A stack-based buffer overflow vulnerability 2. A remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0105",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": "eq",
"trust": 2.6,
"vendor": "indusoft web studio",
"version": "7.1"
},
{
"model": null,
"scope": "eq",
"trust": 1.6,
"vendor": "indusoft web studio",
"version": "8.0"
},
{
"model": "intouch machine edition 2014",
"scope": "eq",
"trust": 1.6,
"vendor": "aveva",
"version": "r2"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 1.6,
"vendor": "aveva",
"version": "8.1"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 1.6,
"vendor": "aveva",
"version": "8.0"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "7.1"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "6.1"
},
{
"model": "edge",
"scope": "eq",
"trust": 1.0,
"vendor": "aveva",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "indusoft web studio",
"version": "8.1"
},
{
"model": "indusoft web studio",
"scope": "lt",
"trust": 0.8,
"vendor": "aveva",
"version": "8.1 sp2"
},
{
"model": "intouch edge hmi",
"scope": "lt",
"trust": 0.8,
"vendor": "aveva",
"version": "2017 sp2"
},
{
"model": "intouch machine edition 2014",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "electric indusoft web studio sp2",
"scope": "lt",
"trust": 0.6,
"vendor": "schneider",
"version": "8.1"
},
{
"model": "electric intouch edge hmiintouch machine edition sp2",
"scope": "lt",
"trust": 0.6,
"vendor": "schneider",
"version": "2017"
},
{
"model": "intouch edge hmi",
"scope": "eq",
"trust": 0.6,
"vendor": "aveva",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "indusoft web studio",
"version": "6.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "intouch edge hmi",
"version": "8.1"
},
{
"model": "intouch edge hmi",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "2017"
},
{
"model": "indusoft web studio sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "8.1"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "8.1"
},
{
"model": "indusoft web studio sp2 patch",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "8.01"
},
{
"model": "indusoft web studio sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "8.0"
},
{
"model": "indusoft web studio patch",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.55"
},
{
"model": "indusoft web studio sp patch",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.434"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.4"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.2"
},
{
"model": "intouch edge hmi sp2",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "2017"
},
{
"model": "indusoft web studio sp2",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "8.1"
},
{
"model": "r2",
"scope": null,
"trust": 0.2,
"vendor": "intouch machine edition 2014",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "f51f1287-2497-4737-b75b-39068f6ce060"
},
{
"db": "CNVD",
"id": "CNVD-2019-45187"
},
{
"db": "BID",
"id": "106015"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012386"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-019"
},
{
"db": "NVD",
"id": "CVE-2018-17916"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:aveva:indusoft_web_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:aveva:intouch_edge_hmi",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:wonderware_intouch_2014",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012386"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tenable",
"sources": [
{
"db": "BID",
"id": "106015"
}
],
"trust": 0.3
},
"cve": "CVE-2018-17916",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-17916",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-45187",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "f51f1287-2497-4737-b75b-39068f6ce060",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-17916",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-17916",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-17916",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-17916",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2019-45187",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-019",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "f51f1287-2497-4737-b75b-39068f6ce060",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2018-17916",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "f51f1287-2497-4737-b75b-39068f6ce060"
},
{
"db": "CNVD",
"id": "CNVD-2019-45187"
},
{
"db": "VULMON",
"id": "CVE-2018-17916"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012386"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-019"
},
{
"db": "NVD",
"id": "CVE-2018-17916"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. A remote attacker could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for code to be executed. If InduSoft Web Studio remote communication security was not enabled, or a password was left blank, a remote user could send a carefully crafted packet to invoke an arbitrary process, with potential for code to be executed. The code would be executed under the privileges of the InduSoft Web Studio or InTouch Edge HMI runtime and could lead to a compromise of the InduSoft Web Studio or InTouch Edge HMI server machine. The product provides read, write tags and event monitoring functions for HMI clients. An attacker could use this vulnerability to execute code. A stack-based buffer overflow vulnerability\n2. A remote code-execution vulnerability. \nAttackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-17916"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012386"
},
{
"db": "CNVD",
"id": "CNVD-2019-45187"
},
{
"db": "BID",
"id": "106015"
},
{
"db": "IVD",
"id": "f51f1287-2497-4737-b75b-39068f6ce060"
},
{
"db": "VULMON",
"id": "CVE-2018-17916"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-17916",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-18-305-01",
"trust": 3.4
},
{
"db": "TENABLE",
"id": "TRA-2018-34",
"trust": 1.7
},
{
"db": "CNVD",
"id": "CNVD-2019-45187",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-019",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012386",
"trust": 0.8
},
{
"db": "BID",
"id": "106015",
"trust": 0.3
},
{
"db": "IVD",
"id": "F51F1287-2497-4737-B75B-39068F6CE060",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2018-17916",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "f51f1287-2497-4737-b75b-39068f6ce060"
},
{
"db": "CNVD",
"id": "CNVD-2019-45187"
},
{
"db": "VULMON",
"id": "CVE-2018-17916"
},
{
"db": "BID",
"id": "106015"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012386"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-019"
},
{
"db": "NVD",
"id": "CVE-2018-17916"
}
]
},
"id": "VAR-201811-0105",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "f51f1287-2497-4737-b75b-39068f6ce060"
},
{
"db": "CNVD",
"id": "CNVD-2019-45187"
}
],
"trust": 1.61431685
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "f51f1287-2497-4737-b75b-39068f6ce060"
},
{
"db": "CNVD",
"id": "CNVD-2019-45187"
}
]
},
"last_update_date": "2024-11-23T22:12:17.793000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "AVEVA Security Bulletin LFSEC00000130",
"trust": 0.8,
"url": "https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec130.pdf"
},
{
"title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "https://www.se.com/jp/ja/"
},
{
"title": "Patch for Schneider Electric InduSoft Web Studio and InTouch Edge HMI Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/193949"
},
{
"title": "Schneider Electric InduSoft Web Studio and InTouch Edge HMI Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86565"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-45187"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012386"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-019"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012386"
},
{
"db": "NVD",
"id": "CVE-2018-17916"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-305-01"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/research/tra-2018-34"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-17916"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-17916"
},
{
"trust": 0.3,
"url": "http://www.indusoft.com/indusoftart.php?catid=1\u0026name=iws/webstudio"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-45187"
},
{
"db": "VULMON",
"id": "CVE-2018-17916"
},
{
"db": "BID",
"id": "106015"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012386"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-019"
},
{
"db": "NVD",
"id": "CVE-2018-17916"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "f51f1287-2497-4737-b75b-39068f6ce060"
},
{
"db": "CNVD",
"id": "CNVD-2019-45187"
},
{
"db": "VULMON",
"id": "CVE-2018-17916"
},
{
"db": "BID",
"id": "106015"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012386"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-019"
},
{
"db": "NVD",
"id": "CVE-2018-17916"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-13T00:00:00",
"db": "IVD",
"id": "f51f1287-2497-4737-b75b-39068f6ce060"
},
{
"date": "2019-12-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-45187"
},
{
"date": "2018-11-02T00:00:00",
"db": "VULMON",
"id": "CVE-2018-17916"
},
{
"date": "2018-11-01T00:00:00",
"db": "BID",
"id": "106015"
},
{
"date": "2019-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012386"
},
{
"date": "2018-11-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-019"
},
{
"date": "2018-11-02T13:29:00.323000",
"db": "NVD",
"id": "CVE-2018-17916"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-45187"
},
{
"date": "2021-04-08T00:00:00",
"db": "VULMON",
"id": "CVE-2018-17916"
},
{
"date": "2018-11-01T00:00:00",
"db": "BID",
"id": "106015"
},
{
"date": "2019-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012386"
},
{
"date": "2020-09-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-019"
},
{
"date": "2024-11-21T03:55:12.170000",
"db": "NVD",
"id": "CVE-2018-17916"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-019"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "InduSoft Web Studio and InTouch Edge HMI Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012386"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "f51f1287-2497-4737-b75b-39068f6ce060"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-019"
}
],
"trust": 0.8
}
}
cve-2022-36969
Vulnerability from cvelistv5
Published
2023-03-29 00:00
Modified
2025-02-18 16:43
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to disclose sensitive information on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the LoadImportedLibraries method. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of the current process. Was ZDI-CAN-17394.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.339Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2022-005.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1128/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36969",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-18T15:43:15.438562Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T16:43:19.184Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Edge",
"vendor": "AVEVA",
"versions": [
{
"status": "affected",
"version": "2020 SP2 Patch 0(4201.2111.1802.0000)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the LoadImportedLibraries method. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of the current process. Was ZDI-CAN-17394."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611: Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-29T00:00:00.000Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"url": "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2022-005.pdf"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1128/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2022-36969",
"datePublished": "2023-03-29T00:00:00.000Z",
"dateReserved": "2022-07-27T00:00:00.000Z",
"dateUpdated": "2025-02-18T16:43:19.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-34982
Vulnerability from cvelistv5
Published
2023-11-15 16:28
Modified
2024-08-02 16:17
Severity ?
EPSS score ?
Summary
This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AVEVA | SystemPlatform |
Version: 0 < |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:17:04.179Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SystemPlatform",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Historian",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Application Server",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "InTouch",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Enterprise Licensing (formerly known as License Manager)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "3.7.002",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Manufacturing Execution System (formerly known as Wonderware MES)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Recipe Management",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 Update 1 Patch 2 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Batch Management",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 SP1 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Edge (formerly known as Indusoft Web Studio)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Worktasks (formerly known as Workflow Management)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 U2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Plant SCADA (formerly known as Citect)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 Update 15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mobile Operator (formerly known as IntelaTrac Mobile Operator Rounds)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Communication Drivers Pack",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telemetry Server",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Lukasz Piotrowski from Equinor reported these vulnerabilities to AVEVA."
}
],
"datePublic": "2023-11-14T16:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service.\u003c/span\u003e\n\n"
}
],
"value": "\nThis external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73 External Control of File Name or Path ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-15T16:28:35.183Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01"
},
{
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eAVEVA recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment, architecture, and product implementation. Users of affected products should apply security updates as soon as possible.\u003c/p\u003e\u003cp\u003eIn addition to applying security updates, users should follow these general precautions:\u003c/p\u003e\u003cul\u003e\u003cli\u003eEnsure that Guest or Anonymous local OS accounts are disabled.\u003c/li\u003e\u003cli\u003eEnsure that only trusted users are able to login on the nodes where the Operations Control Logger is running.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003ePlease see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA Security Bulletin number AVEVA-2023-003\u003c/a\u003e\u0026nbsp;for more information and for links for individual security updates and mitigations for each of the affected products.\u003c/p\u003e\u003cp\u003eAVEVA System Platform 2020 through 2020 R2 SP1 cannot be newly installed on top of other AVEVA products which have been previously patched with the Operations Control Logger v22.1. For additional details please refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/#/knowledgebase/details/000038736?lang=en_us\"\u003eAlert 000038736.\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nAVEVA recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment, architecture, and product implementation. Users of affected products should apply security updates as soon as possible.\n\nIn addition to applying security updates, users should follow these general precautions:\n\n * Ensure that Guest or Anonymous local OS accounts are disabled.\n * Ensure that only trusted users are able to login on the nodes where the Operations Control Logger is running.\n\n\nPlease see AVEVA Security Bulletin number AVEVA-2023-003 https://www.aveva.com/en/support-and-success/cyber-security-updates/ \u00a0for more information and for links for individual security updates and mitigations for each of the affected products.\n\nAVEVA System Platform 2020 through 2020 R2 SP1 cannot be newly installed on top of other AVEVA products which have been previously patched with the Operations Control Logger v22.1. For additional details please refer to Alert 000038736. https://softwaresupportsp.aveva.com/#/knowledgebase/details/000038736 \n\n\n\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "AVEVA Operations Control Logger External Control of File Name or Path ",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-34982",
"datePublished": "2023-11-15T16:28:35.183Z",
"dateReserved": "2023-06-13T14:56:36.310Z",
"dateUpdated": "2024-08-02T16:17:04.179Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-17916
Vulnerability from cvelistv5
Published
2018-11-02 13:00
Modified
2024-08-05 11:01
Severity ?
EPSS score ?
Summary
InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. A remote attacker could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for code to be executed. If InduSoft Web Studio remote communication security was not enabled, or a password was left blank, a remote user could send a carefully crafted packet to invoke an arbitrary process, with potential for code to be executed. The code would be executed under the privileges of the InduSoft Web Studio or InTouch Edge HMI runtime and could lead to a compromise of the InduSoft Web Studio or InTouch Edge HMI server machine.
References
| ▼ | URL | Tags |
|---|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-18-305-01 | x_refsource_MISC | |
| https://www.tenable.com/security/research/tra-2018-34 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| unknown | InduSoft Web Studio, and InTouch Edge HMI (formerly InTouch Machine Edition) |
Version: InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:01:14.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-305-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2018-34"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "InduSoft Web Studio, and InTouch Edge HMI (formerly InTouch Machine Edition)",
"vendor": "unknown",
"versions": [
{
"status": "affected",
"version": "InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2"
}
]
}
],
"datePublic": "2018-11-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. A remote attacker could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for code to be executed. If InduSoft Web Studio remote communication security was not enabled, or a password was left blank, a remote user could send a carefully crafted packet to invoke an arbitrary process, with potential for code to be executed. The code would be executed under the privileges of the InduSoft Web Studio or InTouch Edge HMI runtime and could lead to a compromise of the InduSoft Web Studio or InTouch Edge HMI server machine."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "STACK-BASED BUFFER OVERFLOW CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-03T09:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-305-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2018-34"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2018-17916",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "InduSoft Web Studio, and InTouch Edge HMI (formerly InTouch Machine Edition)",
"version": {
"version_data": [
{
"version_value": "InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2"
}
]
}
}
]
},
"vendor_name": "unknown"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. A remote attacker could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for code to be executed. If InduSoft Web Studio remote communication security was not enabled, or a password was left blank, a remote user could send a carefully crafted packet to invoke an arbitrary process, with potential for code to be executed. The code would be executed under the privileges of the InduSoft Web Studio or InTouch Edge HMI runtime and could lead to a compromise of the InduSoft Web Studio or InTouch Edge HMI server machine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "STACK-BASED BUFFER OVERFLOW CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-305-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-305-01"
},
{
"name": "https://www.tenable.com/security/research/tra-2018-34",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2018-34"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-17916",
"datePublished": "2018-11-02T13:00:00",
"dateReserved": "2018-10-02T00:00:00",
"dateUpdated": "2024-08-05T11:01:14.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-42794
Vulnerability from cvelistv5
Published
2023-12-16 00:00
Modified
2024-08-04 03:38
Severity ?
EPSS score ?
Summary
An issue was discovered in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior. The application allows a client to provide a malicious connection string that could allow an adversary to port scan the LAN, depending on the hosts' responses.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:50.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.exploit-db.com/docs/english/17254-connection-string-parameter-pollution-attacks.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.aveva.com/en/products/edge/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior. The application allows a client to provide a malicious connection string that could allow an adversary to port scan the LAN, depending on the hosts\u0027 responses."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:N/C:L/I:N/PR:N/S:U/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-16T01:00:50.688230",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.exploit-db.com/docs/english/17254-connection-string-parameter-pollution-attacks.pdf"
},
{
"url": "https://www.aveva.com/en/products/edge/"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42794",
"datePublished": "2023-12-16T00:00:00",
"dateReserved": "2021-10-21T00:00:00",
"dateUpdated": "2024-08-04T03:38:50.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-42796
Vulnerability from cvelistv5
Published
2023-12-16 00:00
Modified
2024-10-07 15:28
Severity ?
EPSS score ?
Summary
An issue was discovered in ExecuteCommand() in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior that allows unauthenticated arbitrary commands to be executed.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:50.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.aveva.com/en/products/edge/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-42796",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T15:26:12.989203Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T15:28:19.607Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ExecuteCommand() in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior that allows unauthenticated arbitrary commands to be executed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-16T01:05:03.026492",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.aveva.com/en/products/edge/"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42796",
"datePublished": "2023-12-16T00:00:00",
"dateReserved": "2021-10-21T00:00:00",
"dateUpdated": "2024-10-07T15:28:19.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28688
Vulnerability from cvelistv5
Published
2023-03-29 00:00
Modified
2025-02-18 16:38
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of APP files. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17201.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:03:51.988Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2022-005.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1127/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-28688",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-18T15:55:32.366287Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T16:38:11.238Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Edge",
"vendor": "AVEVA",
"versions": [
{
"status": "affected",
"version": "2020 SP2 Patch 0(4201.2111.1802.0000)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Daan Keuper \u0026 Thijs Alkemade from Computest"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of APP files. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17201."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427: Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-29T00:00:00.000Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"url": "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2022-005.pdf"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1127/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2022-28688",
"datePublished": "2023-03-29T00:00:00.000Z",
"dateReserved": "2022-04-05T00:00:00.000Z",
"dateUpdated": "2025-02-18T16:38:11.238Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-42797
Vulnerability from cvelistv5
Published
2023-12-16 00:00
Modified
2024-08-04 03:38
Severity ?
EPSS score ?
Summary
Path traversal vulnerability in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior allows an unauthenticated user to steal the Windows access token of the user account configured for accessing external DB resources.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:50.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.aveva.com/en/products/edge/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Path traversal vulnerability in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior allows an unauthenticated user to steal the Windows access token of the user account configured for accessing external DB resources."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-16T01:10:08.013113",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.aveva.com/en/products/edge/"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42797",
"datePublished": "2023-12-16T00:00:00",
"dateReserved": "2021-10-21T00:00:00",
"dateUpdated": "2024-08-04T03:38:50.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-33873
Vulnerability from cvelistv5
Published
2023-11-15 16:22
Modified
2024-11-21 20:10
Severity ?
EPSS score ?
Summary
This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AVEVA | SystemPlatform |
Version: 0 < |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:13.320Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33873",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T20:09:45.775149Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T20:10:00.423Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SystemPlatform",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Historian",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Application Server",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "InTouch",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Enterprise Licensing (formerly known as License Manager)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "3.7.002",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Manufacturing Execution System (formerly known as Wonderware MES)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Recipe Management",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 Update 1 Patch 2 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Batch Management",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 SP1 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Edge (formerly known as Indusoft Web Studio)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Worktasks (formerly known as Workflow Management)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 U2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Plant SCADA (formerly known as Citect)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 Update 15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mobile Operator (formerly known as IntelaTrac Mobile Operator Rounds)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Communication Drivers Pack",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telemetry Server",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Lukasz Piotrowski from Equinor reported these vulnerabilities to AVEVA."
}
],
"datePublic": "2023-11-14T16:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine.\u003c/span\u003e\n\n"
}
],
"value": "\nThis privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-15T16:22:31.927Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01"
},
{
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eAVEVA recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment, architecture, and product implementation. Users of affected products should apply security updates as soon as possible.\u003c/p\u003e\u003cp\u003eIn addition to applying security updates, users should follow these general precautions:\u003c/p\u003e\u003cul\u003e\u003cli\u003eEnsure that Guest or Anonymous local OS accounts are disabled.\u003c/li\u003e\u003cli\u003eEnsure that only trusted users are able to login on the nodes where the Operations Control Logger is running.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003ePlease see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA Security Bulletin number AVEVA-2023-003\u003c/a\u003e\u0026nbsp;for more information and for links for individual security updates and mitigations for each of the affected products.\u003c/p\u003e\u003cp\u003eAVEVA System Platform 2020 through 2020 R2 SP1 cannot be newly installed on top of other AVEVA products which have been previously patched with the Operations Control Logger v22.1. For additional details please refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/#/knowledgebase/details/000038736?lang=en_us\"\u003eAlert 000038736.\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nAVEVA recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment, architecture, and product implementation. Users of affected products should apply security updates as soon as possible.\n\nIn addition to applying security updates, users should follow these general precautions:\n\n * Ensure that Guest or Anonymous local OS accounts are disabled.\n * Ensure that only trusted users are able to login on the nodes where the Operations Control Logger is running.\n\n\nPlease see AVEVA Security Bulletin number AVEVA-2023-003 https://www.aveva.com/en/support-and-success/cyber-security-updates/ \u00a0for more information and for links for individual security updates and mitigations for each of the affected products.\n\nAVEVA System Platform 2020 through 2020 R2 SP1 cannot be newly installed on top of other AVEVA products which have been previously patched with the Operations Control Logger v22.1. For additional details please refer to Alert 000038736. https://softwaresupportsp.aveva.com/#/knowledgebase/details/000038736 \n\n\n\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "AVEVA Operations Control Logger Execution with Unnecessary Privileges ",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-33873",
"datePublished": "2023-11-15T16:22:31.927Z",
"dateReserved": "2023-06-13T14:56:36.315Z",
"dateUpdated": "2024-11-21T20:10:00.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28687
Vulnerability from cvelistv5
Published
2023-03-29 00:00
Modified
2025-02-18 16:37
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of APP files. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16257.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:03:51.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2022-005.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1126/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-28687",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-18T15:58:01.415881Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T16:37:10.404Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Edge",
"vendor": "AVEVA",
"versions": [
{
"status": "affected",
"version": "2020 SP2 Patch 0(4201.2111.1802.0000)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Flashback Team: Pedro Ribeiro (@pedrib1337) \u0026\u0026 Radek Domanski (@RabbitPro)"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of APP files. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16257."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427: Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-29T00:00:00.000Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"url": "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2022-005.pdf"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1126/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2022-28687",
"datePublished": "2023-03-29T00:00:00.000Z",
"dateReserved": "2022-04-05T00:00:00.000Z",
"dateUpdated": "2025-02-18T16:37:10.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28686
Vulnerability from cvelistv5
Published
2023-03-29 00:00
Modified
2025-02-18 16:27
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of APP files. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17114.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:03:51.989Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2022-005.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1125/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-28686",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-18T16:00:10.125880Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T16:27:51.948Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Edge",
"vendor": "AVEVA",
"versions": [
{
"status": "affected",
"version": "2020 SP2 Patch 0(4201.2111.1802.0000)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Piotr Bazydlo (@chudypb)"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of APP files. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17114."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427: Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-29T00:00:00.000Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"url": "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2022-005.pdf"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1125/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2022-28686",
"datePublished": "2023-03-29T00:00:00.000Z",
"dateReserved": "2022-04-05T00:00:00.000Z",
"dateUpdated": "2025-02-18T16:27:51.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-36970
Vulnerability from cvelistv5
Published
2023-03-29 00:00
Modified
2025-02-18 20:01
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 20.0 Build: 4201.2111.1802.0000 Service Pack 2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of APP files. Crafted data in a APP file can cause the application to execute arbitrary Visual Basic scripts. The user interface fails to provide sufficient indication of the hazard. An attacker can leverage this vulnerability to execute code in the context of current process. Was ZDI-CAN-17370.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2022-005.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1129/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36970",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-18T20:00:58.067630Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T20:01:03.094Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Edge",
"vendor": "AVEVA",
"versions": [
{
"status": "affected",
"version": "20.0 Build: 4201.2111.1802.0000 Service Pack 2"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Aaron Ferber"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 20.0 Build: 4201.2111.1802.0000 Service Pack 2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of APP files. Crafted data in a APP file can cause the application to execute arbitrary Visual Basic scripts. The user interface fails to provide sufficient indication of the hazard. An attacker can leverage this vulnerability to execute code in the context of current process. Was ZDI-CAN-17370."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-356",
"description": "CWE-356: Product UI does not Warn User of Unsafe Actions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-29T00:00:00.000Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"url": "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2022-005.pdf"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1129/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2022-36970",
"datePublished": "2023-03-29T00:00:00.000Z",
"dateReserved": "2022-07-27T00:00:00.000Z",
"dateUpdated": "2025-02-18T20:01:03.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28685
Vulnerability from cvelistv5
Published
2023-03-29 00:00
Modified
2025-02-18 16:02
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of APP files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17212.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:03:52.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1124/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2022-005.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-28685",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-18T16:01:41.749119Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T16:02:25.382Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Edge",
"vendor": "AVEVA",
"versions": [
{
"status": "affected",
"version": "2020 SP2 Patch 0(4201.2111.1802.0000)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Chris Anastasio (muffin) and Steven Seeley (mr_me) of Incite Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of APP files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17212."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-29T00:00:00.000Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1124/"
},
{
"url": "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2022-005.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2022-28685",
"datePublished": "2023-03-29T00:00:00.000Z",
"dateReserved": "2022-04-05T00:00:00.000Z",
"dateUpdated": "2025-02-18T16:02:25.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-17914
Vulnerability from cvelistv5
Published
2018-11-02 13:00
Modified
2024-08-05 11:01
Severity ?
EPSS score ?
Summary
InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. This vulnerability could allow an unauthenticated user to remotely execute code with the same privileges as that of the InduSoft Web Studio or InTouch Edge HMI (formerly InTouch Machine Edition) runtime.
References
| ▼ | URL | Tags |
|---|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-18-305-01 | x_refsource_MISC | |
| https://www.tenable.com/security/research/tra-2018-34 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| unknown | InduSoft Web Studio, and InTouch Edge HMI (formerly InTouch Machine Edition) |
Version: InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:01:14.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-305-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2018-34"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "InduSoft Web Studio, and InTouch Edge HMI (formerly InTouch Machine Edition)",
"vendor": "unknown",
"versions": [
{
"status": "affected",
"version": "InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2"
}
]
}
],
"datePublic": "2018-11-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. This vulnerability could allow an unauthenticated user to remotely execute code with the same privileges as that of the InduSoft Web Studio or InTouch Edge HMI (formerly InTouch Machine Edition) runtime."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-258",
"description": "EMPTY PASSWORD IN CONFIGURATION FILE CWE-258",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-03T09:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-305-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2018-34"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2018-17914",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "InduSoft Web Studio, and InTouch Edge HMI (formerly InTouch Machine Edition)",
"version": {
"version_data": [
{
"version_value": "InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2"
}
]
}
}
]
},
"vendor_name": "unknown"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. This vulnerability could allow an unauthenticated user to remotely execute code with the same privileges as that of the InduSoft Web Studio or InTouch Edge HMI (formerly InTouch Machine Edition) runtime."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "EMPTY PASSWORD IN CONFIGURATION FILE CWE-258"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-305-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-305-01"
},
{
"name": "https://www.tenable.com/security/research/tra-2018-34",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2018-34"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-17914",
"datePublished": "2018-11-02T13:00:00",
"dateReserved": "2018-10-02T00:00:00",
"dateUpdated": "2024-08-05T11:01:14.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2023-11-15 17:15
Modified
2024-11-21 08:06
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.aveva.com/en/support-and-success/cyber-security-updates/ | Vendor Advisory | |
| ics-cert@hq.dhs.gov | https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.aveva.com/en/support-and-success/cyber-security-updates/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aveva:batch_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2AEDAE-18DB-40C0-AFB0-57136A822BBE",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:batch_management:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "F546770E-B402-4577-8E0D-C7D34CFDE549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:batch_management:2020:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6A67B8AC-2282-4F39-9795-D61F48304049",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:communication_drivers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D62B3995-706D-4285-A3C7-900ED2D176B1",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:communication_drivers:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "D97EE6DC-CCB3-40FF-BC75-A694DCBCE50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:communication_drivers:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "B74F0988-CB5D-4FC4-8CBD-6B43F6CB4C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:communication_drivers:2020:r2_p01:*:*:*:*:*:*",
"matchCriteriaId": "B38368FD-D573-4C6A-BBB7-B0CC477C44AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:edge:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CE5AEFF-0C5F-499C-B4AF-3594CC591061",
"versionEndIncluding": "20.1.101",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:enterprise_licensing:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D63D153-5F92-4732-8CE7-BF821FDC1FFC",
"versionEndIncluding": "3.7.002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:historian:*:*:*:*:*:*:*:*",
"matchCriteriaId": "310008CD-1FB4-47C3-9B20-1DF0BC537019",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:historian:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "33FE93BF-8221-4A84-845B-13693E28F570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:historian:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "D479F013-5ABC-4B59-845A-E06EF0ADF107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:historian:2020:r2_p01:*:*:*:*:*:*",
"matchCriteriaId": "5B67B330-EB63-4026-A961-EA2EE76A8355",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:intouch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06F39A93-CE38-4696-A301-3B08BB02AA0F",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:intouch:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "87B6DFEA-FED8-4A02-B09A-2676D5C8A5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:intouch:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "A3FDBC50-37E5-4F02-BDAC-22490D139C71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:intouch:2020:r2_p01:*:*:*:*:*:*",
"matchCriteriaId": "A7D7123E-2439-4325-9733-F10DFF180C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:manufacturing_execution_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519C16-D78F-4B03-BF68-25977782C15C",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:manufacturing_execution_system:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "1288B3F5-2A5F-4516-96F8-FDB33A71060A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:manufacturing_execution_system:2020:p01:*:*:*:*:*:*",
"matchCriteriaId": "353CAFF0-2928-46F1-B5B5-9F0122BCDF38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:mobile_operator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2244B652-6874-4BD3-9F6A-C01274CE7F25",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:mobile_operator:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "40D03AD9-31E2-422F-9137-4E881A942C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:mobile_operator:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "B9AA5D22-126E-4E0B-AD44-8990B9218AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:mobile_operator:2020:r1:*:*:*:*:*:*",
"matchCriteriaId": "062CEF6D-5308-4CC7-A20A-84298C527C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:plant_scada:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63BCBC30-F337-47AB-96F1-54E46F735B1E",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:plant_scada:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "7B493552-4A0D-49DC-8669-C7E714669D98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:plant_scada:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "2B714DE8-6E27-48ED-8CB5-6FD3DECB8718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:recipe_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FF7755E-D26A-4D55-88BB-2811A18C2589",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:recipe_management:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "5B0AB6DC-D05F-429F-9FEF-500BE9780456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:recipe_management:2020:update_1_patch_2:*:*:*:*:*:*",
"matchCriteriaId": "8E69E722-AA58-49BD-9D22-5A6DC40FE85F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:system_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18048EB2-8F4C-4C75-93BD-0C3D6C42AB4A",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:system_platform:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "D47F4B07-B67F-4855-AED2-D17B0E76FA8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:system_platform:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "1ED7E9C7-B882-4F57-B796-59A4F90EE185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:system_platform:2020:r2_p01:*:*:*:*:*:*",
"matchCriteriaId": "33D5FF9C-590D-4BA3-A265-35956E4F36DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:telemetry_server:2020r2:-:*:*:*:*:*:*",
"matchCriteriaId": "12AD341A-07AE-4837-A1DC-471FFF0926DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:telemetry_server:2020r2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "62A91A30-CB69-4E14-9C32-BF848E740944",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:work_tasks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "061DD968-A34E-4AA2-B0EC-ECBAF4B15605",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:work_tasks:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "78E65146-9CB1-423B-A565-48530C453382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:work_tasks:2020:update_1:*:*:*:*:*:*",
"matchCriteriaId": "64EF2703-3C49-468A-ADA9-E78173DF4F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:work_tasks:2020:update_2:*:*:*:*:*:*",
"matchCriteriaId": "4131B6FF-AF15-4F52-9415-A9E150B169DD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nThis privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine.\n\n"
},
{
"lang": "es",
"value": "Esta vulnerabilidad de escalada de privilegios, si se explota, en la nube permite que un usuario local autenticado en el sistema operativo con privilegios est\u00e1ndar escale a privilegios del sistema en la m\u00e1quina donde est\u00e1n instalados estos productos, lo que resulta en un compromiso total de la m\u00e1quina de destino."
}
],
"id": "CVE-2023-33873",
"lastModified": "2024-11-21T08:06:06.847",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-15T17:15:41.313",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Vendor Advisory"
],
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-250"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-11-02 13:29
Modified
2024-11-21 03:55
Severity ?
Summary
InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. This vulnerability could allow an unauthenticated user to remotely execute code with the same privileges as that of the InduSoft Web Studio or InTouch Edge HMI (formerly InTouch Machine Edition) runtime.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-18-305-01 | Mitigation, Third Party Advisory, US Government Resource | |
| ics-cert@hq.dhs.gov | https://www.tenable.com/security/research/tra-2018-34 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-18-305-01 | Mitigation, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/research/tra-2018-34 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| aveva | indusoft_web_studio | 6.1 | |
| aveva | indusoft_web_studio | 6.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 8.0 | |
| aveva | indusoft_web_studio | 8.0 | |
| aveva | indusoft_web_studio | 8.0 | |
| aveva | indusoft_web_studio | 8.0 | |
| aveva | indusoft_web_studio | 8.0 | |
| aveva | indusoft_web_studio | 8.0 | |
| aveva | indusoft_web_studio | 8.0 | |
| aveva | indusoft_web_studio | 8.0 | |
| aveva | indusoft_web_studio | 8.1 | |
| aveva | indusoft_web_studio | 8.1 | |
| aveva | indusoft_web_studio | 8.1 | |
| aveva | indusoft_web_studio | 8.1 | |
| aveva | edge | 8.1 | |
| aveva | edge | 8.1 | |
| aveva | intouch_machine_edition_2014 | r2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:6.1:sp5:*:*:*:*:*:*",
"matchCriteriaId": "4C7C2429-3A6B-4552-B12D-CBA00563907D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:6.1:sp6_p3:*:*:*:*:*:*",
"matchCriteriaId": "05020B8D-DB30-4BDA-9BD3-0C7C4804859B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55E9450D-F600-4DC6-8C72-8D79974B6802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D2CB5BAC-BFCE-41C2-A25C-3E6CB218FBD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "FBFEECD4-C454-4A47-9B81-91699C325DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "A62CC412-F399-40B7-8000-A4A707F7F6F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p1:*:*:*:*:*:*",
"matchCriteriaId": "127CC5C8-822A-4630-813E-5AE39BEBD5A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p2:*:*:*:*:*:*",
"matchCriteriaId": "3D90DF6B-B281-48D3-8672-25294990E611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p3:*:*:*:*:*:*",
"matchCriteriaId": "8721C8BE-1946-4030-B056-67A6B42BCDCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p4:*:*:*:*:*:*",
"matchCriteriaId": "C07C446B-6125-46D7-BDC4-11849BA6A72D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p5:*:*:*:*:*:*",
"matchCriteriaId": "8D4A9403-5D1E-464F-8B40-D554F4A7C3AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p6:*:*:*:*:*:*",
"matchCriteriaId": "FDFC8512-2971-48C3-9576-0FA74B59406B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p7:*:*:*:*:*:*",
"matchCriteriaId": "D2991440-E8EB-4AB1-A861-2A263C443DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p8:*:*:*:*:*:*",
"matchCriteriaId": "23DA9BCB-F9BD-4F9F-A77E-95210C270539",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p9:*:*:*:*:*:*",
"matchCriteriaId": "AD1C359C-61FA-4E5F-81CA-991BCB8CD9A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D07A836A-535F-437E-BD25-1D833BD63327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "AAD4BA73-691D-4E12-936C-7B0F0A0AFF0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "D515729F-9316-470F-8D18-34B674E8F5D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "542A2064-3D3D-4EF0-AEF5-3D8C45BD8CA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3C282BFD-02D9-4F80-BBD9-B84B0703D07A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:sp1_p1:*:*:*:*:*:*",
"matchCriteriaId": "92E5DA1B-459C-44B2-9E0B-2B88C985DA98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "186D0227-8791-44E0-8B80-2AE0427B69D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:sp2_p1:*:*:*:*:*:*",
"matchCriteriaId": "DDA36D8C-6CE2-4C5B-A4E2-68031D97516D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7B550C6-160F-480D-8B70-92C6D236C3EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "2C809DC5-73DC-4E00-ABAB-558844CE2103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "BC7F3AAD-E423-4CA2-BB78-AC7B081338D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.1:sp1_p1:*:*:*:*:*:*",
"matchCriteriaId": "870D0F41-F2CE-4693-8815-5527A6E5ECD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aveva:edge:8.1:-:*:*:*:*:*:*",
"matchCriteriaId": "B1EF7073-1651-4E3D-8E7E-5F380A098E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:edge:8.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "799F6063-CD93-4F74-A3F9-941AED66FCBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:intouch_machine_edition_2014:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "67AB4CF8-A2C6-4B0D-87EB-62617943F705",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. This vulnerability could allow an unauthenticated user to remotely execute code with the same privileges as that of the InduSoft Web Studio or InTouch Edge HMI (formerly InTouch Machine Edition) runtime."
},
{
"lang": "es",
"value": "InduSoft Web Studio en versiones anteriores a la 8.1 SP2 e InTouch Edge HMI (anteriormente llamado InTouch Machine Edition) en versiones anteriores a la 2017 SP2. Esta vulnerabilidad podr\u00eda permitir que un usuario no autenticado ejecute c\u00f3digo remotamente con los mismos privilegios que los del tiempo de ejecuci\u00f3n de InduSoft Web Studio o InTouch Edge HMI (anteriormente InTouch Machine Edition)."
}
],
"id": "CVE-2018-17914",
"lastModified": "2024-11-21T03:55:11.897",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-02T13:29:00.230",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-305-01"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2018-34"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-305-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2018-34"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-258"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-16 01:15
Modified
2024-11-21 06:28
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
An issue was discovered in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior. The application allows a client to provide a malicious connection string that could allow an adversary to port scan the LAN, depending on the hosts' responses.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.aveva.com/en/products/edge/ | Product | |
| cve@mitre.org | https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01 | Third Party Advisory, US Government Resource | |
| cve@mitre.org | https://www.exploit-db.com/docs/english/17254-connection-string-parameter-pollution-attacks.pdf | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.aveva.com/en/products/edge/ | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/docs/english/17254-connection-string-parameter-pollution-attacks.pdf | Exploit, Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aveva:edge:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1838ED5C-E082-4087-A55D-8038A308510C",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:edge:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "AF8F7975-0BF0-446E-A33C-306D9045BE5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:edge:2020:r2:-:*:*:*:*:*",
"matchCriteriaId": "F6A6358A-9F55-452A-8378-5BF05473EDFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:edge:2020:r2:sp1:*:*:*:*:*",
"matchCriteriaId": "D5080C65-4773-4AF2-B385-9FD02BAD5237",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior. The application allows a client to provide a malicious connection string that could allow an adversary to port scan the LAN, depending on the hosts\u0027 responses."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en las versiones R2020 y anteriores de AVEVA Edge (anteriormente InduSoft Web Studio). La aplicaci\u00f3n permite a un cliente proporcionar una cadena de conexi\u00f3n maliciosa que podr\u00eda permitir a un adversario escanear puertos de la LAN, dependiendo de las respuestas de los hosts."
}
],
"id": "CVE-2021-42794",
"lastModified": "2024-11-21T06:28:10.897",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-16T01:15:07.367",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.aveva.com/en/products/edge/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/docs/english/17254-connection-string-parameter-pollution-attacks.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.aveva.com/en/products/edge/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/docs/english/17254-connection-string-parameter-pollution-attacks.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-15 17:15
Modified
2024-11-21 08:07
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.aveva.com/en/support-and-success/cyber-security-updates/ | Vendor Advisory | |
| ics-cert@hq.dhs.gov | https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.aveva.com/en/support-and-success/cyber-security-updates/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aveva:batch_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2AEDAE-18DB-40C0-AFB0-57136A822BBE",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:batch_management:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "F546770E-B402-4577-8E0D-C7D34CFDE549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:batch_management:2020:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6A67B8AC-2282-4F39-9795-D61F48304049",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:communication_drivers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D62B3995-706D-4285-A3C7-900ED2D176B1",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:communication_drivers:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "D97EE6DC-CCB3-40FF-BC75-A694DCBCE50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:communication_drivers:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "B74F0988-CB5D-4FC4-8CBD-6B43F6CB4C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:communication_drivers:2020:r2_p01:*:*:*:*:*:*",
"matchCriteriaId": "B38368FD-D573-4C6A-BBB7-B0CC477C44AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:edge:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CE5AEFF-0C5F-499C-B4AF-3594CC591061",
"versionEndIncluding": "20.1.101",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:enterprise_licensing:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D63D153-5F92-4732-8CE7-BF821FDC1FFC",
"versionEndIncluding": "3.7.002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:historian:*:*:*:*:*:*:*:*",
"matchCriteriaId": "310008CD-1FB4-47C3-9B20-1DF0BC537019",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:historian:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "33FE93BF-8221-4A84-845B-13693E28F570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:historian:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "D479F013-5ABC-4B59-845A-E06EF0ADF107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:historian:2020:r2_p01:*:*:*:*:*:*",
"matchCriteriaId": "5B67B330-EB63-4026-A961-EA2EE76A8355",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:intouch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06F39A93-CE38-4696-A301-3B08BB02AA0F",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:intouch:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "87B6DFEA-FED8-4A02-B09A-2676D5C8A5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:intouch:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "A3FDBC50-37E5-4F02-BDAC-22490D139C71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:intouch:2020:r2_p01:*:*:*:*:*:*",
"matchCriteriaId": "A7D7123E-2439-4325-9733-F10DFF180C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:manufacturing_execution_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519C16-D78F-4B03-BF68-25977782C15C",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:manufacturing_execution_system:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "1288B3F5-2A5F-4516-96F8-FDB33A71060A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:manufacturing_execution_system:2020:p01:*:*:*:*:*:*",
"matchCriteriaId": "353CAFF0-2928-46F1-B5B5-9F0122BCDF38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:mobile_operator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2244B652-6874-4BD3-9F6A-C01274CE7F25",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:mobile_operator:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "40D03AD9-31E2-422F-9137-4E881A942C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:mobile_operator:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "B9AA5D22-126E-4E0B-AD44-8990B9218AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:mobile_operator:2020:r1:*:*:*:*:*:*",
"matchCriteriaId": "062CEF6D-5308-4CC7-A20A-84298C527C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:plant_scada:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63BCBC30-F337-47AB-96F1-54E46F735B1E",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:plant_scada:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "7B493552-4A0D-49DC-8669-C7E714669D98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:plant_scada:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "2B714DE8-6E27-48ED-8CB5-6FD3DECB8718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:recipe_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FF7755E-D26A-4D55-88BB-2811A18C2589",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:recipe_management:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "5B0AB6DC-D05F-429F-9FEF-500BE9780456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:recipe_management:2020:update_1_patch_2:*:*:*:*:*:*",
"matchCriteriaId": "8E69E722-AA58-49BD-9D22-5A6DC40FE85F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:system_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18048EB2-8F4C-4C75-93BD-0C3D6C42AB4A",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:system_platform:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "D47F4B07-B67F-4855-AED2-D17B0E76FA8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:system_platform:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "1ED7E9C7-B882-4F57-B796-59A4F90EE185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:system_platform:2020:r2_p01:*:*:*:*:*:*",
"matchCriteriaId": "33D5FF9C-590D-4BA3-A265-35956E4F36DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:telemetry_server:2020r2:-:*:*:*:*:*:*",
"matchCriteriaId": "12AD341A-07AE-4837-A1DC-471FFF0926DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:telemetry_server:2020r2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "62A91A30-CB69-4E14-9C32-BF848E740944",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:work_tasks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "061DD968-A34E-4AA2-B0EC-ECBAF4B15605",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:work_tasks:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "78E65146-9CB1-423B-A565-48530C453382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:work_tasks:2020:update_1:*:*:*:*:*:*",
"matchCriteriaId": "64EF2703-3C49-468A-ADA9-E78173DF4F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:work_tasks:2020:update_2:*:*:*:*:*:*",
"matchCriteriaId": "4131B6FF-AF15-4F52-9415-A9E150B169DD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nThis external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service.\n\n"
},
{
"lang": "es",
"value": "Esta vulnerabilidad de control externo, si se explota, podr\u00eda permitir que un usuario local autenticado en el sistema operativo con privilegios est\u00e1ndar elimine archivos con privilegios de sistema en la m\u00e1quina donde est\u00e1n instalados estos productos, lo que resultar\u00eda en una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2023-34982",
"lastModified": "2024-11-21T08:07:46.227",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-15T17:15:41.563",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Vendor Advisory"
],
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-73"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-610"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-16 01:15
Modified
2024-11-21 06:28
Severity ?
Summary
Path traversal vulnerability in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior allows an unauthenticated user to steal the Windows access token of the user account configured for accessing external DB resources.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.aveva.com/en/products/edge/ | Product | |
| cve@mitre.org | https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.aveva.com/en/products/edge/ | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aveva:edge:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1838ED5C-E082-4087-A55D-8038A308510C",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:edge:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "AF8F7975-0BF0-446E-A33C-306D9045BE5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:edge:2020:r2:-:*:*:*:*:*",
"matchCriteriaId": "F6A6358A-9F55-452A-8378-5BF05473EDFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:edge:2020:r2:sp1:*:*:*:*:*",
"matchCriteriaId": "D5080C65-4773-4AF2-B385-9FD02BAD5237",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Path traversal vulnerability in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior allows an unauthenticated user to steal the Windows access token of the user account configured for accessing external DB resources."
},
{
"lang": "es",
"value": "Vulnerabilidad de path traversal en las versiones R2020 y anteriores de AVEVA Edge (anteriormente InduSoft Web Studio) permite que un usuario no autenticado robe el token de acceso de Windows de la cuenta de usuario configurada para acceder a recursos de base de datos externos."
}
],
"id": "CVE-2021-42797",
"lastModified": "2024-11-21T06:28:11.290",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-16T01:15:07.587",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.aveva.com/en/products/edge/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.aveva.com/en/products/edge/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-11-02 13:29
Modified
2024-11-21 03:55
Severity ?
Summary
InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. A remote attacker could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for code to be executed. If InduSoft Web Studio remote communication security was not enabled, or a password was left blank, a remote user could send a carefully crafted packet to invoke an arbitrary process, with potential for code to be executed. The code would be executed under the privileges of the InduSoft Web Studio or InTouch Edge HMI runtime and could lead to a compromise of the InduSoft Web Studio or InTouch Edge HMI server machine.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-18-305-01 | Mitigation, Third Party Advisory, US Government Resource | |
| ics-cert@hq.dhs.gov | https://www.tenable.com/security/research/tra-2018-34 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-18-305-01 | Mitigation, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/research/tra-2018-34 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| aveva | indusoft_web_studio | 6.1 | |
| aveva | indusoft_web_studio | 6.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 7.1 | |
| aveva | indusoft_web_studio | 8.0 | |
| aveva | indusoft_web_studio | 8.0 | |
| aveva | indusoft_web_studio | 8.0 | |
| aveva | indusoft_web_studio | 8.0 | |
| aveva | indusoft_web_studio | 8.0 | |
| aveva | indusoft_web_studio | 8.0 | |
| aveva | indusoft_web_studio | 8.0 | |
| aveva | indusoft_web_studio | 8.0 | |
| aveva | indusoft_web_studio | 8.1 | |
| aveva | indusoft_web_studio | 8.1 | |
| aveva | indusoft_web_studio | 8.1 | |
| aveva | indusoft_web_studio | 8.1 | |
| aveva | edge | 8.1 | |
| aveva | edge | 8.1 | |
| aveva | intouch_machine_edition_2014 | r2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:6.1:sp5:*:*:*:*:*:*",
"matchCriteriaId": "4C7C2429-3A6B-4552-B12D-CBA00563907D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:6.1:sp6_p3:*:*:*:*:*:*",
"matchCriteriaId": "05020B8D-DB30-4BDA-9BD3-0C7C4804859B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55E9450D-F600-4DC6-8C72-8D79974B6802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D2CB5BAC-BFCE-41C2-A25C-3E6CB218FBD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "FBFEECD4-C454-4A47-9B81-91699C325DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "A62CC412-F399-40B7-8000-A4A707F7F6F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p1:*:*:*:*:*:*",
"matchCriteriaId": "127CC5C8-822A-4630-813E-5AE39BEBD5A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p2:*:*:*:*:*:*",
"matchCriteriaId": "3D90DF6B-B281-48D3-8672-25294990E611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p3:*:*:*:*:*:*",
"matchCriteriaId": "8721C8BE-1946-4030-B056-67A6B42BCDCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p4:*:*:*:*:*:*",
"matchCriteriaId": "C07C446B-6125-46D7-BDC4-11849BA6A72D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p5:*:*:*:*:*:*",
"matchCriteriaId": "8D4A9403-5D1E-464F-8B40-D554F4A7C3AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p6:*:*:*:*:*:*",
"matchCriteriaId": "FDFC8512-2971-48C3-9576-0FA74B59406B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p7:*:*:*:*:*:*",
"matchCriteriaId": "D2991440-E8EB-4AB1-A861-2A263C443DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p8:*:*:*:*:*:*",
"matchCriteriaId": "23DA9BCB-F9BD-4F9F-A77E-95210C270539",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p9:*:*:*:*:*:*",
"matchCriteriaId": "AD1C359C-61FA-4E5F-81CA-991BCB8CD9A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D07A836A-535F-437E-BD25-1D833BD63327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "AAD4BA73-691D-4E12-936C-7B0F0A0AFF0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "D515729F-9316-470F-8D18-34B674E8F5D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "542A2064-3D3D-4EF0-AEF5-3D8C45BD8CA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3C282BFD-02D9-4F80-BBD9-B84B0703D07A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:sp1_p1:*:*:*:*:*:*",
"matchCriteriaId": "92E5DA1B-459C-44B2-9E0B-2B88C985DA98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "186D0227-8791-44E0-8B80-2AE0427B69D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:sp2_p1:*:*:*:*:*:*",
"matchCriteriaId": "DDA36D8C-6CE2-4C5B-A4E2-68031D97516D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7B550C6-160F-480D-8B70-92C6D236C3EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "2C809DC5-73DC-4E00-ABAB-558844CE2103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "BC7F3AAD-E423-4CA2-BB78-AC7B081338D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.1:sp1_p1:*:*:*:*:*:*",
"matchCriteriaId": "870D0F41-F2CE-4693-8815-5527A6E5ECD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aveva:edge:8.1:-:*:*:*:*:*:*",
"matchCriteriaId": "B1EF7073-1651-4E3D-8E7E-5F380A098E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:edge:8.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "799F6063-CD93-4F74-A3F9-941AED66FCBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:intouch_machine_edition_2014:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "67AB4CF8-A2C6-4B0D-87EB-62617943F705",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. A remote attacker could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for code to be executed. If InduSoft Web Studio remote communication security was not enabled, or a password was left blank, a remote user could send a carefully crafted packet to invoke an arbitrary process, with potential for code to be executed. The code would be executed under the privileges of the InduSoft Web Studio or InTouch Edge HMI runtime and could lead to a compromise of the InduSoft Web Studio or InTouch Edge HMI server machine."
},
{
"lang": "es",
"value": "InduSoft Web Studio en versiones anteriores a la 8.1 SP2 e InTouch Edge HMI (anteriormente llamado InTouch Machine Edition) en versiones anteriores a la 2017 SP2. Un atacante remoto podr\u00eda enviar un paquete cuidadosamente manipulado para explotar una vulnerabilidad de desbordamiento de b\u00fafer basado en pila durante acciones relacionadas con etiquetas, alarmas o eventos, tales como la lectura y la escritura, con la posibilidad de que se ejecute c\u00f3digo. Si la seguridad de las comunicaciones remotas de InduSoft Web Studio no est\u00e1 habilitada o la contrase\u00f1a se deja en blanco, un usuario remoto podr\u00eda enviar un paquete cuidadosamente manipulado para invocar un proceso arbitrario o incluso ejecutar c\u00f3digo. Este c\u00f3digo se ejecutar\u00eda bajo los privilegios de los tiempos de ejecuci\u00f3n de InduSoft Web Studio o InTouch Edge HMI y podr\u00eda conducir al compromiso de la m\u00e1quina del servidor de InduSoft Web Studio o InTouch Edge HMI."
}
],
"id": "CVE-2018-17916",
"lastModified": "2024-11-21T03:55:12.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-02T13:29:00.323",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-305-01"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2018-34"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-305-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2018-34"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-16 01:15
Modified
2024-11-21 06:28
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered in ExecuteCommand() in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior that allows unauthenticated arbitrary commands to be executed.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.aveva.com/en/products/edge/ | Product | |
| cve@mitre.org | https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.aveva.com/en/products/edge/ | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aveva:edge:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1838ED5C-E082-4087-A55D-8038A308510C",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:edge:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "AF8F7975-0BF0-446E-A33C-306D9045BE5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:edge:2020:r2:-:*:*:*:*:*",
"matchCriteriaId": "F6A6358A-9F55-452A-8378-5BF05473EDFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:edge:2020:r2:sp1:*:*:*:*:*",
"matchCriteriaId": "D5080C65-4773-4AF2-B385-9FD02BAD5237",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ExecuteCommand() in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior that allows unauthenticated arbitrary commands to be executed."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en ExecuteCommand() en las versiones R2020 y anteriores de AVEVA Edge (anteriormente InduSoft Web Studio) que permite ejecutar comandos arbitrarios no autenticados."
}
],
"id": "CVE-2021-42796",
"lastModified": "2024-11-21T06:28:11.067",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-12-16T01:15:07.540",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.aveva.com/en/products/edge/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.aveva.com/en/products/edge/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}