Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
81 vulnerabilities by invensys
VAR-200711-0210
Vulnerability from variot - Updated: 2024-02-22 23:05Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everyone/Full Control), which allows remote authenticated attackers, and possibly anonymous users, to execute arbitrary programs. Invensys Wonderware InTouch is prone to a privilege-escalation vulnerability because of poor default permissions on a NetDDE share. Attackers can exploit this issue to execute arbitrary applications that accept NetDDE connections. This can compromise the application and possibly the underlying computer. InTouch 8.0 is vulnerable.
2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively.
Get a free trial of the Secunia Vulnerability Intelligence Solutions: http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv
TITLE: Invensys Wonderware InTouch Insecure NetDDE Share Permissions Security Issue
SECUNIA ADVISORY ID: SA27751
VERIFY ADVISORY: http://secunia.com/advisories/27751/
CRITICAL: Less critical
IMPACT: System access
WHERE:
From local network
SOFTWARE: Invensys Wonderware InTouch 8.x http://secunia.com/product/16628/
DESCRIPTION: A security issue has been reported in Invensys Wonderware InTouch, which potentially can be exploited by malicious users to compromise a vulnerable system.
The security issue is reported in version 8.0.
SOLUTION: Apply updates or upgrade to version 9.0 or later (see vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: Discovered by Neutralbit and reported via US-CERT with assistance from Digital Bond.
ORIGINAL ADVISORY: Wonderware: http://pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsThreadID=2&NewsID=201804
US-CERT VU#138633: http://www.kb.cert.org/vuls/id/138633
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200711-0210",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "intouch",
"scope": "eq",
"trust": 2.7,
"vendor": "wonderware",
"version": "8.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "invensys",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "takebishi",
"version": null
},
{
"model": "intouch",
"scope": "eq",
"trust": 0.8,
"vendor": "wonderware",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intouch",
"version": "8.0"
}
],
"sources": [
{
"db": "IVD",
"id": "2424b4dc-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#138633"
},
{
"db": "BID",
"id": "26496"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006343"
},
{
"db": "CNNVD",
"id": "CNNVD-200711-272"
},
{
"db": "NVD",
"id": "CVE-2007-6033"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:wonderware:intouch:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6033"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Neutralbit, with assistance from Digital Bond, discovered this issue.",
"sources": [
{
"db": "BID",
"id": "26496"
},
{
"db": "CNNVD",
"id": "CNNVD-200711-272"
}
],
"trust": 0.9
},
"cve": "CVE-2007-6033",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2007-6033",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "2424b4dc-2352-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2007-6033",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-6033",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#138633",
"trust": 0.8,
"value": "0.57"
},
{
"author": "CNNVD",
"id": "CNNVD-200711-272",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "2424b4dc-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2007-6033",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "2424b4dc-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#138633"
},
{
"db": "VULMON",
"id": "CVE-2007-6033"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006343"
},
{
"db": "CNNVD",
"id": "CNNVD-200711-272"
},
{
"db": "NVD",
"id": "CVE-2007-6033"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everyone/Full Control), which allows remote authenticated attackers, and possibly anonymous users, to execute arbitrary programs. Invensys Wonderware InTouch is prone to a privilege-escalation vulnerability because of poor default permissions on a NetDDE share. \nAttackers can exploit this issue to execute arbitrary applications that accept NetDDE connections. This can compromise the application and possibly the underlying computer. \nInTouch 8.0 is vulnerable. \n\n----------------------------------------------------------------------\n\n2003: 2,700 advisories published\n2004: 3,100 advisories published\n2005: 4,600 advisories published\n2006: 5,300 advisories published\n\nHow do you know which Secunia advisories are important to you?\n\nThe Secunia Vulnerability Intelligence Solutions allows you to filter\nand structure all the information you need, so you can address issues\neffectively. \n\nGet a free trial of the Secunia Vulnerability Intelligence Solutions:\nhttp://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv\n\n----------------------------------------------------------------------\n\nTITLE:\nInvensys Wonderware InTouch Insecure NetDDE Share Permissions\nSecurity Issue\n\nSECUNIA ADVISORY ID:\nSA27751\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/27751/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom local network\n\nSOFTWARE:\nInvensys Wonderware InTouch 8.x\nhttp://secunia.com/product/16628/\n\nDESCRIPTION:\nA security issue has been reported in Invensys Wonderware InTouch,\nwhich potentially can be exploited by malicious users to compromise a\nvulnerable system. \n\nThe security issue is reported in version 8.0. \n\nSOLUTION:\nApply updates or upgrade to version 9.0 or later (see vendor\u0027s\nadvisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\nDiscovered by Neutralbit and reported via US-CERT with assistance\nfrom Digital Bond. \n\nORIGINAL ADVISORY:\nWonderware:\nhttp://pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsThreadID=2\u0026NewsID=201804\n\nUS-CERT VU#138633:\nhttp://www.kb.cert.org/vuls/id/138633\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6033"
},
{
"db": "CERT/CC",
"id": "VU#138633"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006343"
},
{
"db": "BID",
"id": "26496"
},
{
"db": "IVD",
"id": "2424b4dc-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2007-6033"
},
{
"db": "PACKETSTORM",
"id": "61250"
}
],
"trust": 2.97
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-6033",
"trust": 3.8
},
{
"db": "CERT/CC",
"id": "VU#138633",
"trust": 3.7
},
{
"db": "SECUNIA",
"id": "27751",
"trust": 2.7
},
{
"db": "BID",
"id": "26496",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "42398",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200711-272",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006343",
"trust": 0.8
},
{
"db": "IVD",
"id": "2424B4DC-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2007-6033",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "61250",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "2424b4dc-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#138633"
},
{
"db": "VULMON",
"id": "CVE-2007-6033"
},
{
"db": "BID",
"id": "26496"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006343"
},
{
"db": "PACKETSTORM",
"id": "61250"
},
{
"db": "CNNVD",
"id": "CNNVD-200711-272"
},
{
"db": "NVD",
"id": "CVE-2007-6033"
}
]
},
"id": "VAR-200711-0210",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "2424b4dc-2352-11e6-abef-000c29c66e3d"
}
],
"trust": 0.7940171
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "2424b4dc-2352-11e6-abef-000c29c66e3d"
}
]
},
"last_update_date": "2024-02-22T23:05:04.317000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top\u00a0Page",
"trust": 0.8,
"url": "http://global.wonderware.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-006343"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-732",
"trust": 1.0
},
{
"problemtype": "Improper permission assignment for critical resources (CWE-732) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-006343"
},
{
"db": "NVD",
"id": "CVE-2007-6033"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.kb.cert.org/vuls/id/138633"
},
{
"trust": 2.9,
"url": "http://pacwest.wonderware.com/web/news/newsdetails.aspx?newsthreadid=2\u0026newsid=201804"
},
{
"trust": 2.5,
"url": "http://www.digitalbond.com/index.php/2007/11/19/wonderware-intouch-80-netdde-vulnerability-s4-preview/"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/26496"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27751"
},
{
"trust": 1.7,
"url": "http://osvdb.org/42398"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/27751/"
},
{
"trust": 0.8,
"url": "http://us.wonderware.com/aboutus/whoweare/contactus.htm"
},
{
"trust": 0.8,
"url": "http://blogs.msdn.com/nickkramer/archive/2006/04/18/577962.aspx"
},
{
"trust": 0.8,
"url": "http://msdn2.microsoft.com/en-us/library/ms648711.aspx"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/default.aspx?scid=kb;en-us;125703"
},
{
"trust": 0.8,
"url": "http://lists.immunitysec.com/pipermail/dailydave/2004-october/001014.html"
},
{
"trust": 0.8,
"url": "http://www.digitalbond.com/index.php/2008/01/29/vulnerable-netdde-shares-lead-to-complete-system-compromise/"
},
{
"trust": 0.8,
"url": "http://www.digitalbond.com/wiki/index.php/invensys_wonderware_intouch_creates_insecure_netdde_share"
},
{
"trust": 0.8,
"url": "http://technet2.microsoft.com/windowsserver/en/library/2c82586e-bd58-42b7-9976-228a23721e351033.mspx"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/kb/278259"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/kb/243330"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-6033"
},
{
"trust": 0.3,
"url": "http://us.wonderware.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16628/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#138633"
},
{
"db": "VULMON",
"id": "CVE-2007-6033"
},
{
"db": "BID",
"id": "26496"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006343"
},
{
"db": "PACKETSTORM",
"id": "61250"
},
{
"db": "CNNVD",
"id": "CNNVD-200711-272"
},
{
"db": "NVD",
"id": "CVE-2007-6033"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "2424b4dc-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#138633"
},
{
"db": "VULMON",
"id": "CVE-2007-6033"
},
{
"db": "BID",
"id": "26496"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006343"
},
{
"db": "PACKETSTORM",
"id": "61250"
},
{
"db": "CNNVD",
"id": "CNNVD-200711-272"
},
{
"db": "NVD",
"id": "CVE-2007-6033"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-11-19T00:00:00",
"db": "IVD",
"id": "2424b4dc-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2007-11-19T00:00:00",
"db": "CERT/CC",
"id": "VU#138633"
},
{
"date": "2007-11-20T00:00:00",
"db": "VULMON",
"id": "CVE-2007-6033"
},
{
"date": "2007-11-19T00:00:00",
"db": "BID",
"id": "26496"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-006343"
},
{
"date": "2007-11-27T03:39:45",
"db": "PACKETSTORM",
"id": "61250"
},
{
"date": "2007-11-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200711-272"
},
{
"date": "2007-11-20T02:46:00",
"db": "NVD",
"id": "CVE-2007-6033"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-02-26T00:00:00",
"db": "CERT/CC",
"id": "VU#138633"
},
{
"date": "2008-11-15T00:00:00",
"db": "VULMON",
"id": "CVE-2007-6033"
},
{
"date": "2007-12-18T20:06:00",
"db": "BID",
"id": "26496"
},
{
"date": "2024-02-22T05:18:00",
"db": "JVNDB",
"id": "JVNDB-2007-006343"
},
{
"date": "2007-11-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200711-272"
},
{
"date": "2024-01-25T21:37:04.507000",
"db": "NVD",
"id": "CVE-2007-6033"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200711-272"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware InTouch creates insecure NetDDE share",
"sources": [
{
"db": "CERT/CC",
"id": "VU#138633"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200711-272"
}
],
"trust": 0.6
}
}
VAR-201207-0173
Vulnerability from variot - Updated: 2023-12-18 13:34Untrusted search path vulnerability in Invensys Wonderware InTouch 2012 and earlier, as used in Wonderware Application Server, Wonderware Information Server, Foxboro Control Software, InFusion CE/FE/SCADA, InBatch, and Wonderware Historian, allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. DLL It may be possible to get permission through the file. Invensys is a leading provider of automation and information technology, systems, software solutions, services and consulting for the manufacturing and infrastructure industries. Multiple Invensys Wonderware products are insecure to load library files, allowing an attacker to build specially crafted files, place them on a remote WebDAV or SMB share, entice users to parse, and execute arbitrary code in the application context. Multiple Invensys products are prone to a vulnerability that lets attackers execute arbitrary code. ----------------------------------------------------------------------
We are millions! Join us to protect all Pc's Worldwide. Download the new Secunia PSI 3.0 available in 5 languages and share it with your friends: http://secunia.com/psi
TITLE: Invensys Wonderware Products Insecure Library Loading Vulnerability
SECUNIA ADVISORY ID: SA50028
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50028/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50028
RELEASE DATE: 2012-07-24
DISCUSS ADVISORY: http://secunia.com/advisories/50028/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50028/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50028
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in multiple Invensys Wonderware products, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to the application loading libraries in an insecure manner.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Carlos Mario Penagos Hollmann.
ORIGINAL ADVISORY: http://www.us-cert.gov/control_systems/pdf/ICSA-12-177-02.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201207-0173",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "intouch",
"scope": "lte",
"trust": 1.8,
"vendor": "invensys",
"version": "2012"
},
{
"model": "wonderware information server",
"scope": "lte",
"trust": 1.8,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware historian",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "10.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "3.1"
},
{
"model": "foxboro control software",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "foxboro control software",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "3.1"
},
{
"model": "intouch\\/wonderware application server",
"scope": "lte",
"trust": 1.0,
"vendor": "invensys",
"version": "2012"
},
{
"model": "intouch\\/wonderware application server",
"scope": "eq",
"trust": 1.0,
"vendor": "invensys",
"version": "10.5"
},
{
"model": "intouch\\/wonderware application server",
"scope": "eq",
"trust": 1.0,
"vendor": "invensys",
"version": "10.0"
},
{
"model": "infusion ce\\/fe\\/scada",
"scope": "lte",
"trust": 1.0,
"vendor": "invensys",
"version": "2.5"
},
{
"model": "wonderware inbatch",
"scope": "lte",
"trust": 1.0,
"vendor": "invensys",
"version": "9.5"
},
{
"model": "wonderware historian",
"scope": "lte",
"trust": 1.0,
"vendor": "invensys",
"version": "10.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "foxboro control software",
"scope": "lte",
"trust": 0.8,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "infusion ce/fe/scada",
"scope": "lte",
"trust": 0.8,
"vendor": "invensys",
"version": "2.5"
},
{
"model": "wonderware application server",
"scope": "lte",
"trust": 0.8,
"vendor": "invensys",
"version": "2012"
},
{
"model": "wonderware historian",
"scope": "lte",
"trust": 0.8,
"vendor": "invensys",
"version": "10.0 sp1"
},
{
"model": "wonderware inbatch",
"scope": "lte",
"trust": 0.8,
"vendor": "invensys",
"version": "9.5 sp1"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "4.x"
},
{
"model": "wonderware inbatch",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "9.x"
},
{
"model": "foxboro control software",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "4.x"
},
{
"model": "wonderware application server",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "3.x"
},
{
"model": "wonderware application server",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "2012"
},
{
"model": "infusion control edition",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "2.x"
},
{
"model": "infusion foundation edition",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "2.x"
},
{
"model": "infusion scada",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "2.x"
},
{
"model": "wonderware historian client",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "10.x"
},
{
"model": "wonderware intouch",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "10.x"
},
{
"model": "wonderware inbatch",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "9.5"
},
{
"model": "infusion ce\\/fe\\/scada",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware information server",
"version": "4.0"
},
{
"model": "wonderware inbatch sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "invensys",
"version": "9.5"
},
{
"model": "wonderware application server",
"scope": "eq",
"trust": 0.3,
"vendor": "invensys",
"version": "20120"
},
{
"model": "infusion ce/fe/scada",
"scope": "eq",
"trust": 0.3,
"vendor": "invensys",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "foxboro control",
"version": "3.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "foxboro control",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "infusion ce fe scada",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intouch",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intouch wonderware application server",
"version": "10.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intouch wonderware application server",
"version": "10.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intouch wonderware application server",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware historian",
"version": "10.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware historian",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware inbatch",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "3.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "94295318-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3891"
},
{
"db": "BID",
"id": "54646"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003409"
},
{
"db": "NVD",
"id": "CVE-2012-3005"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-432"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:intouch\\/wonderware_application_server:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:intouch\\/wonderware_application_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2012",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:infusion_ce\\/fe\\/scada:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_historian:*:sp1:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:intouch:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2012",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_historian:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:foxboro_control_software:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:intouch\\/wonderware_application_server:10.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:foxboro_control_software:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_inbatch:*:sp1:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.5",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3005"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Carlos Mario Penagos Hollmann",
"sources": [
{
"db": "BID",
"id": "54646"
}
],
"trust": 0.3
},
"cve": "CVE-2012-3005",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.9,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-3005",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "94295318-2353-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-56286",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-3005",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201207-432",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "94295318-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-56286",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "94295318-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-56286"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003409"
},
{
"db": "NVD",
"id": "CVE-2012-3005"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-432"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Untrusted search path vulnerability in Invensys Wonderware InTouch 2012 and earlier, as used in Wonderware Application Server, Wonderware Information Server, Foxboro Control Software, InFusion CE/FE/SCADA, InBatch, and Wonderware Historian, allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. DLL It may be possible to get permission through the file. Invensys is a leading provider of automation and information technology, systems, software solutions, services and consulting for the manufacturing and infrastructure industries. Multiple Invensys Wonderware products are insecure to load library files, allowing an attacker to build specially crafted files, place them on a remote WebDAV or SMB share, entice users to parse, and execute arbitrary code in the application context. Multiple Invensys products are prone to a vulnerability that lets attackers execute arbitrary code. ----------------------------------------------------------------------\n\nWe are millions! Join us to protect all Pc\u0027s Worldwide. \nDownload the new Secunia PSI 3.0 available in 5 languages and share it with your friends:\nhttp://secunia.com/psi\n\n----------------------------------------------------------------------\n\nTITLE:\nInvensys Wonderware Products Insecure Library Loading Vulnerability\n\nSECUNIA ADVISORY ID:\nSA50028\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50028/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50028\n\nRELEASE DATE:\n2012-07-24\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50028/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50028/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50028\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in multiple Invensys Wonderware\nproducts, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\nThe vulnerability is caused due to the application loading libraries\nin an insecure manner. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nICS-CERT credits Carlos Mario Penagos Hollmann. \n\nORIGINAL ADVISORY:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-177-02.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3005"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003409"
},
{
"db": "CNVD",
"id": "CNVD-2012-3891"
},
{
"db": "BID",
"id": "54646"
},
{
"db": "IVD",
"id": "94295318-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-56286"
},
{
"db": "PACKETSTORM",
"id": "114985"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-3005",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-177-02",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "50028",
"trust": 1.4
},
{
"db": "CNNVD",
"id": "CNNVD-201207-432",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-3891",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003409",
"trust": 0.8
},
{
"db": "BID",
"id": "54646",
"trust": 0.4
},
{
"db": "IVD",
"id": "94295318-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-56286",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "114985",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "94295318-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3891"
},
{
"db": "VULHUB",
"id": "VHN-56286"
},
{
"db": "BID",
"id": "54646"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003409"
},
{
"db": "PACKETSTORM",
"id": "114985"
},
{
"db": "NVD",
"id": "CVE-2012-3005"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-432"
}
]
},
"id": "VAR-201207-0173",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "94295318-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3891"
},
{
"db": "VULHUB",
"id": "VHN-56286"
}
],
"trust": 1.5819730125000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "94295318-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3891"
}
]
},
"last_update_date": "2023-12-18T13:34:49.213000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://iom.invensys.com/en/pages/home.aspx"
},
{
"title": "Wonderware \u65e5\u672c\u306e\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/jppartnerssi.aspx"
},
{
"title": "Wonderware Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/default.aspx"
},
{
"title": "Invensys product DLL loads patches for arbitrary code execution vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/19202"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3891"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003409"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003409"
},
{
"db": "NVD",
"id": "CVE-2012-3005"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-177-02.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3005"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3005"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50028/http"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50028"
},
{
"trust": 0.3,
"url": "http://global.wonderware.com/en/pages/default.aspx"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50028/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/psi"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50028/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50028"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3891"
},
{
"db": "VULHUB",
"id": "VHN-56286"
},
{
"db": "BID",
"id": "54646"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003409"
},
{
"db": "PACKETSTORM",
"id": "114985"
},
{
"db": "NVD",
"id": "CVE-2012-3005"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-432"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "94295318-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3891"
},
{
"db": "VULHUB",
"id": "VHN-56286"
},
{
"db": "BID",
"id": "54646"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003409"
},
{
"db": "PACKETSTORM",
"id": "114985"
},
{
"db": "NVD",
"id": "CVE-2012-3005"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-432"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-07-26T00:00:00",
"db": "IVD",
"id": "94295318-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-07-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3891"
},
{
"date": "2012-07-26T00:00:00",
"db": "VULHUB",
"id": "VHN-56286"
},
{
"date": "2012-07-23T00:00:00",
"db": "BID",
"id": "54646"
},
{
"date": "2012-07-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003409"
},
{
"date": "2012-07-25T04:54:59",
"db": "PACKETSTORM",
"id": "114985"
},
{
"date": "2012-07-26T10:41:47.747000",
"db": "NVD",
"id": "CVE-2012-3005"
},
{
"date": "2012-07-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201207-432"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-07-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3891"
},
{
"date": "2012-07-30T00:00:00",
"db": "VULHUB",
"id": "VHN-56286"
},
{
"date": "2015-03-19T08:51:00",
"db": "BID",
"id": "54646"
},
{
"date": "2012-07-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003409"
},
{
"date": "2012-07-30T04:00:00",
"db": "NVD",
"id": "CVE-2012-3005"
},
{
"date": "2012-07-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201207-432"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "54646"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-432"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware InTouch Vulnerability gained in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003409"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "IVD",
"id": "94295318-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-432"
}
],
"trust": 0.8
}
}
VAR-201207-0299
Vulnerability from variot - Updated: 2023-12-18 13:34slssvc.exe in Invensys Wonderware SuiteLink in Invensys InTouch 2012 and Wonderware Application Server 2012 allows remote attackers to cause a denial of service (resource consumption) via a long Unicode string, a different vulnerability than CVE-2012-3007. WonderWare is an industrial control and automation software. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: Invensys Wonderware InTouch SuiteLink Service Denial of Service Vulnerability
SECUNIA ADVISORY ID: SA49173
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49173/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49173
RELEASE DATE: 2012-05-16
DISCUSS ADVISORY: http://secunia.com/advisories/49173/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/49173/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=49173
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Luigi Auriemma has discovered a vulnerability in Invensys Wonderware InTouch, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error within the SuiteLink Service (slssvc.exe) when processing certain packets. This can be exploited to cause the service to crash via a specially crafted packet sent to TCP port 5413.
The vulnerability is confirmed in version 10.1.300 Build 0268 (slssvc.exe version 51.5.0.0). Other versions may also be affected.
SOLUTION: Restrict access to trusted hosts only.
PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma
ORIGINAL ADVISORY: Luigi Auriemma: http://aluigi.altervista.org/adv/suitelink_1-adv.txt
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201207-0299",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "intouch",
"scope": "eq",
"trust": 3.0,
"vendor": "invensys",
"version": "2012"
},
{
"model": "wonderware application server",
"scope": "eq",
"trust": 3.0,
"vendor": "invensys",
"version": "2012"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intouch",
"version": "2012"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware application server",
"version": "2012"
}
],
"sources": [
{
"db": "IVD",
"id": "b181e088-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3547"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003016"
},
{
"db": "NVD",
"id": "CVE-2012-3847"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-050"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:intouch:2012:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:2012:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3847"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "112815"
}
],
"trust": 0.1
},
"cve": "CVE-2012-3847",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-3847",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "b181e088-2353-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-57128",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-3847",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201207-050",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "b181e088-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-57128",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "b181e088-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-57128"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003016"
},
{
"db": "NVD",
"id": "CVE-2012-3847"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-050"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "slssvc.exe in Invensys Wonderware SuiteLink in Invensys InTouch 2012 and Wonderware Application Server 2012 allows remote attackers to cause a denial of service (resource consumption) via a long Unicode string, a different vulnerability than CVE-2012-3007. WonderWare is an industrial control and automation software. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nInvensys Wonderware InTouch SuiteLink Service Denial of Service\nVulnerability\n\nSECUNIA ADVISORY ID:\nSA49173\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49173/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49173\n\nRELEASE DATE:\n2012-05-16\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49173/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49173/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49173\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nLuigi Auriemma has discovered a vulnerability in Invensys Wonderware\nInTouch, which can be exploited by malicious people to cause a DoS\n(Denial of Service). \n\nThe vulnerability is caused due to an error within the SuiteLink\nService (slssvc.exe) when processing certain packets. This can be\nexploited to cause the service to crash via a specially crafted\npacket sent to TCP port 5413. \n\nThe vulnerability is confirmed in version 10.1.300 Build 0268\n(slssvc.exe version 51.5.0.0). Other versions may also be affected. \n\nSOLUTION:\nRestrict access to trusted hosts only. \n\nPROVIDED AND/OR DISCOVERED BY:\nLuigi Auriemma\n\nORIGINAL ADVISORY:\nLuigi Auriemma:\nhttp://aluigi.altervista.org/adv/suitelink_1-adv.txt\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3847"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003016"
},
{
"db": "CNVD",
"id": "CNVD-2012-3547"
},
{
"db": "IVD",
"id": "b181e088-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-57128"
},
{
"db": "PACKETSTORM",
"id": "112815"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-3847",
"trust": 3.3
},
{
"db": "ICS CERT",
"id": "ICSA-12-171-01",
"trust": 3.1
},
{
"db": "SECUNIA",
"id": "49173",
"trust": 1.2
},
{
"db": "CNNVD",
"id": "CNNVD-201207-050",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-3547",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003016",
"trust": 0.8
},
{
"db": "IVD",
"id": "B181E088-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-57128",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "112815",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "b181e088-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3547"
},
{
"db": "VULHUB",
"id": "VHN-57128"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003016"
},
{
"db": "PACKETSTORM",
"id": "112815"
},
{
"db": "NVD",
"id": "CVE-2012-3847"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-050"
}
]
},
"id": "VAR-201207-0299",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "b181e088-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3547"
},
{
"db": "VULHUB",
"id": "VHN-57128"
}
],
"trust": 1.5072797000000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "b181e088-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3547"
}
]
},
"last_update_date": "2023-12-18T13:34:49.172000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SuiteLink Service (SLSSVC) Vulnerability (LFSEC 00000038 - UPDATED)",
"trust": 0.8,
"url": "http://iom.invensys.com/en/pdflibrary/security_bulletin_lfsec00000038.pdf"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/"
},
{
"title": "Wonderware \u65e5\u672c\u306e\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/jppartnerssi.aspx"
},
{
"title": "Wonderware Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/default.aspx"
},
{
"title": "Patch for Invensys Wonderware SuiteLink Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/18633"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3547"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003016"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57128"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003016"
},
{
"db": "NVD",
"id": "CVE-2012-3847"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-171-01.pdf"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/49173"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3847"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3847"
},
{
"trust": 0.1,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49173"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://aluigi.altervista.org/adv/suitelink_1-adv.txt"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49173/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49173/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3547"
},
{
"db": "VULHUB",
"id": "VHN-57128"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003016"
},
{
"db": "PACKETSTORM",
"id": "112815"
},
{
"db": "NVD",
"id": "CVE-2012-3847"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-050"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "b181e088-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3547"
},
{
"db": "VULHUB",
"id": "VHN-57128"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003016"
},
{
"db": "PACKETSTORM",
"id": "112815"
},
{
"db": "NVD",
"id": "CVE-2012-3847"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-050"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-07-09T00:00:00",
"db": "IVD",
"id": "b181e088-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-07-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3547"
},
{
"date": "2012-07-05T00:00:00",
"db": "VULHUB",
"id": "VHN-57128"
},
{
"date": "2012-07-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003016"
},
{
"date": "2012-05-17T11:19:10",
"db": "PACKETSTORM",
"id": "112815"
},
{
"date": "2012-07-05T03:23:18.683000",
"db": "NVD",
"id": "CVE-2012-3847"
},
{
"date": "2012-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201207-050"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-07-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3547"
},
{
"date": "2012-08-14T00:00:00",
"db": "VULHUB",
"id": "VHN-57128"
},
{
"date": "2012-07-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003016"
},
{
"date": "2012-08-14T03:38:54.987000",
"db": "NVD",
"id": "CVE-2012-3847"
},
{
"date": "2012-07-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201207-050"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201207-050"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware SuiteLink Denial of service vulnerability",
"sources": [
{
"db": "IVD",
"id": "b181e088-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3547"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Resource management error",
"sources": [
{
"db": "IVD",
"id": "b181e088-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-050"
}
],
"trust": 0.8
}
}
VAR-201207-0134
Vulnerability from variot - Updated: 2023-12-18 13:34Stack-based buffer overflow in slssvc.exe before 58.x in Invensys Wonderware SuiteLink in the Invensys System Platform software suite, as used in InTouch/Wonderware Application Server IT before 10.5 and WAS before 3.5, DASABCIP before 4.1 SP2, DASSiDirect before 3.0, DAServer Runtime Components before 3.0 SP2, and other products, allows remote attackers to cause a denial of service (daemon crash or hang) via a long Unicode string. WonderWare is an industrial control and automation software. Wonderware SuiteLink is prone to a remote denial-of-service vulnerability. Exploiting this issue allows remote attackers to crash the affected application, denying service to legitimate users. These products are as follows: InTouch/Wonderware Application Server IT pre-10.5 and WAS pre-3.5, DASABCIP pre-4.1 SP2, DASSiDirect pre-3.0, DAServer Runtime Components pre-3.0 SP2 and others. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: Invensys Wonderware InTouch SuiteLink Service Denial of Service Vulnerability
SECUNIA ADVISORY ID: SA49173
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49173/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49173
RELEASE DATE: 2012-05-16
DISCUSS ADVISORY: http://secunia.com/advisories/49173/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/49173/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=49173
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Luigi Auriemma has discovered a vulnerability in Invensys Wonderware InTouch, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error within the SuiteLink Service (slssvc.exe) when processing certain packets. This can be exploited to cause the service to crash via a specially crafted packet sent to TCP port 5413.
The vulnerability is confirmed in version 10.1.300 Build 0268 (slssvc.exe version 51.5.0.0). Other versions may also be affected.
SOLUTION: Restrict access to trusted hosts only.
PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma
ORIGINAL ADVISORY: Luigi Auriemma: http://aluigi.altervista.org/adv/suitelink_1-adv.txt
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201207-0134",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware application server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "3.0"
},
{
"model": "wonderware application server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "3.1"
},
{
"model": "dasabcip",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.1"
},
{
"model": "daserver runtime components",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "3.0"
},
{
"model": "wonderware application server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "3.1.201"
},
{
"model": "wonderware application server",
"scope": "lte",
"trust": 1.0,
"vendor": "invensys",
"version": "3.1"
},
{
"model": "dassidirect",
"scope": "lte",
"trust": 1.0,
"vendor": "invensys",
"version": "2.0"
},
{
"model": "intouch\\/wonderware application server",
"scope": "lte",
"trust": 1.0,
"vendor": "invensys",
"version": "10.0"
},
{
"model": "daserver runtime components",
"scope": "lte",
"trust": 1.0,
"vendor": "invensys",
"version": "3.0"
},
{
"model": "dasabcip",
"scope": "lte",
"trust": 1.0,
"vendor": "invensys",
"version": "4.1"
},
{
"model": "wonderware application server",
"scope": "eq",
"trust": 1.0,
"vendor": "invensys",
"version": "3.0.200"
},
{
"model": "dasabcip",
"scope": "lt",
"trust": 0.8,
"vendor": "invensys",
"version": "4.1 sp2"
},
{
"model": "daserver runtime component",
"scope": "lt",
"trust": 0.8,
"vendor": "invensys",
"version": "3.0 sp2"
},
{
"model": "dassidirect",
"scope": "lt",
"trust": 0.8,
"vendor": "invensys",
"version": "3.0"
},
{
"model": "intouch",
"scope": "lt",
"trust": 0.8,
"vendor": "invensys",
"version": "10.5"
},
{
"model": "wonderware application server",
"scope": "lt",
"trust": 0.8,
"vendor": "invensys",
"version": "3.5"
},
{
"model": "intouch",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "2012"
},
{
"model": "wonderware application server",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "2012"
},
{
"model": "intouch\\/wonderware application server",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "10.0"
},
{
"model": "dassidirect",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware application server",
"version": "3.1"
},
{
"model": "intouch",
"scope": "eq",
"trust": 0.3,
"vendor": "wonderware",
"version": "7.11"
},
{
"model": "intouch",
"scope": "eq",
"trust": 0.3,
"vendor": "wonderware",
"version": "9.5"
},
{
"model": "intouch",
"scope": "eq",
"trust": 0.3,
"vendor": "wonderware",
"version": "8.0"
},
{
"model": "intouch",
"scope": "ne",
"trust": 0.3,
"vendor": "wonderware",
"version": "10.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dasabcip",
"version": "4.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dasabcip",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "daserver runtime components",
"version": "3.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "daserver runtime components",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dassidirect",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intouch wonderware application server",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware application server",
"version": "3.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware application server",
"version": "3.0.200"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware application server",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware application server",
"version": "3.1.201"
}
],
"sources": [
{
"db": "IVD",
"id": "b1884d1a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3548"
},
{
"db": "BID",
"id": "53563"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003015"
},
{
"db": "NVD",
"id": "CVE-2012-3007"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-049"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:3.1:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:daserver_runtime_components:*:sp1:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:dassidirect:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:dasabcip:*:sp1:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:*:sp2:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:3.1.201:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:3.0.200:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:intouch\\/wonderware_application_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:dasabcip:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:daserver_runtime_components:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3007"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Luigi Auriemma",
"sources": [
{
"db": "BID",
"id": "53563"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-849"
}
],
"trust": 0.9
},
"cve": "CVE-2012-3007",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-3007",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "b1884d1a-2353-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-56288",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-3007",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201207-049",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "b1884d1a-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-56288",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "b1884d1a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-56288"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003015"
},
{
"db": "NVD",
"id": "CVE-2012-3007"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-049"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in slssvc.exe before 58.x in Invensys Wonderware SuiteLink in the Invensys System Platform software suite, as used in InTouch/Wonderware Application Server IT before 10.5 and WAS before 3.5, DASABCIP before 4.1 SP2, DASSiDirect before 3.0, DAServer Runtime Components before 3.0 SP2, and other products, allows remote attackers to cause a denial of service (daemon crash or hang) via a long Unicode string. WonderWare is an industrial control and automation software. Wonderware SuiteLink is prone to a remote denial-of-service vulnerability. \nExploiting this issue allows remote attackers to crash the affected application, denying service to legitimate users. These products are as follows: InTouch/Wonderware Application Server IT pre-10.5 and WAS pre-3.5, DASABCIP pre-4.1 SP2, DASSiDirect pre-3.0, DAServer Runtime Components pre-3.0 SP2 and others. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nInvensys Wonderware InTouch SuiteLink Service Denial of Service\nVulnerability\n\nSECUNIA ADVISORY ID:\nSA49173\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49173/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49173\n\nRELEASE DATE:\n2012-05-16\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49173/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49173/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49173\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nLuigi Auriemma has discovered a vulnerability in Invensys Wonderware\nInTouch, which can be exploited by malicious people to cause a DoS\n(Denial of Service). \n\nThe vulnerability is caused due to an error within the SuiteLink\nService (slssvc.exe) when processing certain packets. This can be\nexploited to cause the service to crash via a specially crafted\npacket sent to TCP port 5413. \n\nThe vulnerability is confirmed in version 10.1.300 Build 0268\n(slssvc.exe version 51.5.0.0). Other versions may also be affected. \n\nSOLUTION:\nRestrict access to trusted hosts only. \n\nPROVIDED AND/OR DISCOVERED BY:\nLuigi Auriemma\n\nORIGINAL ADVISORY:\nLuigi Auriemma:\nhttp://aluigi.altervista.org/adv/suitelink_1-adv.txt\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3007"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003015"
},
{
"db": "CNVD",
"id": "CNVD-2012-3548"
},
{
"db": "BID",
"id": "53563"
},
{
"db": "IVD",
"id": "b1884d1a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-56288"
},
{
"db": "PACKETSTORM",
"id": "112815"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-3007",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-171-01",
"trust": 3.1
},
{
"db": "BID",
"id": "53563",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "49173",
"trust": 1.2
},
{
"db": "CNNVD",
"id": "CNNVD-201207-049",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-3548",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003015",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201210-849",
"trust": 0.6
},
{
"db": "ICS CERT ALERT",
"id": "ICS-ALERT-12-136-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "B1884D1A-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-56288",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "112815",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "b1884d1a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3548"
},
{
"db": "VULHUB",
"id": "VHN-56288"
},
{
"db": "BID",
"id": "53563"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003015"
},
{
"db": "PACKETSTORM",
"id": "112815"
},
{
"db": "NVD",
"id": "CVE-2012-3007"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-849"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-049"
}
]
},
"id": "VAR-201207-0134",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "b1884d1a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3548"
},
{
"db": "VULHUB",
"id": "VHN-56288"
}
],
"trust": 1.4971608333333335
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "b1884d1a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3548"
}
]
},
"last_update_date": "2023-12-18T13:34:49.121000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SuiteLink Service (SLSSVC) Vulnerability (LFSEC 00000038 - UPDATED)",
"trust": 0.8,
"url": "http://iom.invensys.com/en/pdflibrary/security_bulletin_lfsec00000038.pdf"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/"
},
{
"title": "Wonderware \u65e5\u672c\u306e\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/jppartnerssi.aspx"
},
{
"title": "Wonderware Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/default.aspx"
},
{
"title": "Patch for Invensys Wonderware SuiteLink Stack Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/18634"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3548"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003015"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56288"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003015"
},
{
"db": "NVD",
"id": "CVE-2012-3007"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-171-01.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/53563"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/49173"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3007"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3007"
},
{
"trust": 0.4,
"url": "http://aluigi.altervista.org/adv/suitelink_1-adv.txt"
},
{
"trust": 0.3,
"url": "http://global.wonderware.com/en/pages/default.aspx"
},
{
"trust": 0.3,
"url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-12-136-01.pdf"
},
{
"trust": 0.1,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49173"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49173/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49173/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3548"
},
{
"db": "VULHUB",
"id": "VHN-56288"
},
{
"db": "BID",
"id": "53563"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003015"
},
{
"db": "PACKETSTORM",
"id": "112815"
},
{
"db": "NVD",
"id": "CVE-2012-3007"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-849"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-049"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "b1884d1a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3548"
},
{
"db": "VULHUB",
"id": "VHN-56288"
},
{
"db": "BID",
"id": "53563"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003015"
},
{
"db": "PACKETSTORM",
"id": "112815"
},
{
"db": "NVD",
"id": "CVE-2012-3007"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-849"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-049"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-07-09T00:00:00",
"db": "IVD",
"id": "b1884d1a-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-07-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3548"
},
{
"date": "2012-07-05T00:00:00",
"db": "VULHUB",
"id": "VHN-56288"
},
{
"date": "2012-05-15T00:00:00",
"db": "BID",
"id": "53563"
},
{
"date": "2012-07-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003015"
},
{
"date": "2012-05-17T11:19:10",
"db": "PACKETSTORM",
"id": "112815"
},
{
"date": "2012-07-05T03:23:18.637000",
"db": "NVD",
"id": "CVE-2012-3007"
},
{
"date": "2012-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-849"
},
{
"date": "2012-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201207-049"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-07-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3548"
},
{
"date": "2012-08-14T00:00:00",
"db": "VULHUB",
"id": "VHN-56288"
},
{
"date": "2015-03-19T09:08:00",
"db": "BID",
"id": "53563"
},
{
"date": "2012-07-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003015"
},
{
"date": "2012-08-14T03:38:14.847000",
"db": "NVD",
"id": "CVE-2012-3007"
},
{
"date": "2012-11-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-849"
},
{
"date": "2012-07-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201207-049"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201210-849"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-049"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wonderware SuiteLink Unallocated Unicode String Remote Denial of Service Vulnerability",
"sources": [
{
"db": "BID",
"id": "53563"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-849"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "b1884d1a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-049"
}
],
"trust": 0.8
}
}
VAR-201012-0106
Vulnerability from variot - Updated: 2023-12-18 13:25Buffer overflow in the lm_tcp service in Invensys Wonderware InBatch 8.1 and 9.0, as used in Invensys Foxboro I/A Series Batch 8.1 and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted request to port 9001. Invensys Wonderware InBatch and Foxboro I/A Series Batch of lm_tcp The service can experience buffer overflow. Wonderware InBatch and Foxboro I/A Batch of database lock manager (lm_tcp) The service includes 150 When copying a string to a byte buffer, a buffer overflow can occur. This service is 9001/tcp using.lm_tcp Service disruption by a third party with access to the service (DoS) An attacker may be able to attack or execute arbitrary code. RDM Embedded is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. The issue affects the 'lm_tcp' service. Failed exploit attempts may crash the application, denying service to legitimate users. The issue affects lm_tcp <= 9.0.0 0248.18.0.0; other versions may also be affected. Wonderware InBatch is prone to a denial-of-service vulnerability. ----------------------------------------------------------------------
Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM).
Request a free trial: http://secunia.com/products/corporate/vim/
TITLE: Wonderware InBatch / Foxboro I/A Series "lm_tcp" Buffer Overflow Vulnerability
SECUNIA ADVISORY ID: SA42528
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42528/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42528
RELEASE DATE: 2010-12-24
DISCUSS ADVISORY: http://secunia.com/advisories/42528/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/42528/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=42528
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Wonderware InBatch and Foxboro I/A Series Batch, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. write 16bits with the value 0 (0x0000) to an arbitrary memory location by sending a specially crafted packet to port 9001.
SOLUTION: Apply patches when available. See vendor's advisory for possible mitigation steps.
PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma
ORIGINAL ADVISORY: Luigi Auriemma: http://aluigi.altervista.org/adv/inbatch_1-adv.txt
Invensys: http://iom.invensys.com/EN/Pages/IOM_CyberSecurityUpdates.aspx
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201012-0106",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware inbatch",
"scope": "eq",
"trust": 3.3,
"vendor": "invensys",
"version": "9.0"
},
{
"model": "wonderware inbatch",
"scope": "eq",
"trust": 3.3,
"vendor": "invensys",
"version": "8.1"
},
{
"model": "foxboro i\\/a series batch",
"scope": "eq",
"trust": 1.0,
"vendor": "invensys",
"version": "8.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "invensys",
"version": null
},
{
"model": "i/a batch",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "8.1"
},
{
"model": "i/a batch",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "server all supported"
},
{
"model": "wonderware inbatch",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "server all supported"
},
{
"model": "foxboro i/a series batch",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware inbatch",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware inbatch",
"version": "9.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "foxboro i a series batch",
"version": "8.1"
},
{
"model": "inbatch sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "wonderware",
"version": "9.0"
},
{
"model": "inbatch",
"scope": "eq",
"trust": 0.3,
"vendor": "wonderware",
"version": "9.0"
},
{
"model": "inbatch",
"scope": "eq",
"trust": 0.3,
"vendor": "wonderware",
"version": "8.1"
},
{
"model": "rdm embedded",
"scope": "eq",
"trust": 0.3,
"vendor": "raima",
"version": "0"
},
{
"model": "foxboro i%2fa series batch",
"scope": "eq",
"trust": 0.3,
"vendor": "invensys",
"version": "8.1"
}
],
"sources": [
{
"db": "IVD",
"id": "7d76270f-463f-11e9-9ec2-000c29342cb1"
},
{
"db": "IVD",
"id": "8d6584dc-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#647928"
},
{
"db": "CNVD",
"id": "CNVD-2010-3346"
},
{
"db": "BID",
"id": "45245"
},
{
"db": "BID",
"id": "78742"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002872"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002656"
},
{
"db": "NVD",
"id": "CVE-2010-4557"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-254"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_inbatch:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_inbatch:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:foxboro_i\\/a_series_batch:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4557"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Luigi Auriemma",
"sources": [
{
"db": "BID",
"id": "45245"
}
],
"trust": 0.3
},
"cve": "CVE-2010-4557",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2010-4557",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "7d76270f-463f-11e9-9ec2-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "8d6584dc-2355-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-47162",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-4557",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#647928",
"trust": 0.8,
"value": "24.41"
},
{
"author": "CNNVD",
"id": "CNNVD-201012-254",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "7d76270f-463f-11e9-9ec2-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "8d6584dc-2355-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-47162",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d76270f-463f-11e9-9ec2-000c29342cb1"
},
{
"db": "IVD",
"id": "8d6584dc-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#647928"
},
{
"db": "VULHUB",
"id": "VHN-47162"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002872"
},
{
"db": "NVD",
"id": "CVE-2010-4557"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-254"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the lm_tcp service in Invensys Wonderware InBatch 8.1 and 9.0, as used in Invensys Foxboro I/A Series Batch 8.1 and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted request to port 9001. Invensys Wonderware InBatch and Foxboro I/A Series Batch of lm_tcp The service can experience buffer overflow. Wonderware InBatch and Foxboro I/A Batch of database lock manager (lm_tcp) The service includes 150 When copying a string to a byte buffer, a buffer overflow can occur. This service is 9001/tcp using.lm_tcp Service disruption by a third party with access to the service (DoS) An attacker may be able to attack or execute arbitrary code. RDM Embedded is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. The issue affects the \u0027lm_tcp\u0027 service. Failed exploit attempts may crash the application, denying service to legitimate users. \nThe issue affects lm_tcp \u0026lt;= 9.0.0 0248.18.0.0; other versions may also be affected. Wonderware InBatch is prone to a denial-of-service vulnerability. ----------------------------------------------------------------------\n\n\nSecure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). \n\nRequest a free trial: \nhttp://secunia.com/products/corporate/vim/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nWonderware InBatch / Foxboro I/A Series \"lm_tcp\" Buffer Overflow\nVulnerability\n\nSECUNIA ADVISORY ID:\nSA42528\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/42528/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42528\n\nRELEASE DATE:\n2010-12-24\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/42528/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/42528/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42528\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Wonderware InBatch and Foxboro\nI/A Series Batch, which can be exploited by malicious people to cause\na DoS (Denial of Service) and potentially compromise a vulnerable\nsystem. write 16bits with the value 0 (0x0000) to an arbitrary\nmemory location by sending a specially crafted packet to port 9001. \n\nSOLUTION:\nApply patches when available. See vendor\u0027s advisory for possible\nmitigation steps. \n\nPROVIDED AND/OR DISCOVERED BY:\nLuigi Auriemma\n\nORIGINAL ADVISORY:\nLuigi Auriemma:\nhttp://aluigi.altervista.org/adv/inbatch_1-adv.txt\n\nInvensys:\nhttp://iom.invensys.com/EN/Pages/IOM_CyberSecurityUpdates.aspx\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4557"
},
{
"db": "CERT/CC",
"id": "VU#647928"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002872"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002656"
},
{
"db": "CNVD",
"id": "CNVD-2010-3346"
},
{
"db": "BID",
"id": "45245"
},
{
"db": "BID",
"id": "78742"
},
{
"db": "IVD",
"id": "7d76270f-463f-11e9-9ec2-000c29342cb1"
},
{
"db": "IVD",
"id": "8d6584dc-2355-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-47162"
},
{
"db": "PACKETSTORM",
"id": "96969"
}
],
"trust": 4.68
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-47162",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-47162"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#647928",
"trust": 4.7
},
{
"db": "SECUNIA",
"id": "42528",
"trust": 4.0
},
{
"db": "ICS CERT",
"id": "ICSA-10-348-01",
"trust": 3.9
},
{
"db": "NVD",
"id": "CVE-2010-4557",
"trust": 3.8
},
{
"db": "EXPLOIT-DB",
"id": "15707",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2010-3244",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201012-254",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2010-3346",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002872",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002656",
"trust": 0.8
},
{
"db": "BID",
"id": "78742",
"trust": 0.4
},
{
"db": "BID",
"id": "45245",
"trust": 0.3
},
{
"db": "IVD",
"id": "7D76270F-463F-11E9-9EC2-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "8D6584DC-2355-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-70368",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-47162",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "96969",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d76270f-463f-11e9-9ec2-000c29342cb1"
},
{
"db": "IVD",
"id": "8d6584dc-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#647928"
},
{
"db": "CNVD",
"id": "CNVD-2010-3346"
},
{
"db": "VULHUB",
"id": "VHN-47162"
},
{
"db": "BID",
"id": "45245"
},
{
"db": "BID",
"id": "78742"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002872"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002656"
},
{
"db": "PACKETSTORM",
"id": "96969"
},
{
"db": "NVD",
"id": "CVE-2010-4557"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-254"
}
]
},
"id": "VAR-201012-0106",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d76270f-463f-11e9-9ec2-000c29342cb1"
},
{
"db": "IVD",
"id": "8d6584dc-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-3346"
},
{
"db": "VULHUB",
"id": "VHN-47162"
}
],
"trust": 1.7055555500000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d76270f-463f-11e9-9ec2-000c29342cb1"
},
{
"db": "IVD",
"id": "8d6584dc-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-3346"
}
]
},
"last_update_date": "2023-12-18T13:25:14.777000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Invensys Operations Management Security Alart",
"trust": 1.6,
"url": "http://iom.invensys.com/en/pages/iom_cybersecurityupdates.aspx"
},
{
"title": "Cyber Security Updates",
"trust": 0.8,
"url": "http://iom.invensys.com/en/pdflibrary/securityalert_invensys_securityalert-lfsec00000051_12-10.pdf"
},
{
"title": "Wonderware \u65e5\u672c\u306e\u30d1\u30fc\u30c8\u30ca\u30fc ",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/jppartnerssi.aspx"
},
{
"title": "Wonderware Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/"
},
{
"title": "WonderwareInBatchSoftware",
"trust": 0.8,
"url": "http://global.wonderware.com/en/pages/wonderwareinbatchsoftware.aspx"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-002872"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002656"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-47162"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002872"
},
{
"db": "NVD",
"id": "CVE-2010-4557"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.9,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-10-348-01.pdf"
},
{
"trust": 3.9,
"url": "http://www.kb.cert.org/vuls/id/647928"
},
{
"trust": 3.3,
"url": "http://secunia.com/advisories/42528"
},
{
"trust": 2.9,
"url": "http://iom.invensys.com/en/pages/iom_cybersecurityupdates.aspx"
},
{
"trust": 2.8,
"url": "http://aluigi.org/adv/inbatch_1-adv.txt"
},
{
"trust": 2.0,
"url": "http://iom.invensys.com/en/pdflibrary/securityalert_invensys_securityalert-lfsec00000051_12-10.pdf"
},
{
"trust": 2.0,
"url": "http://www.exploit-db.com/exploits/15707"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2010/3244"
},
{
"trust": 1.1,
"url": "http://global.wonderware.com/en/pages/wonderwareinbatchsoftware.aspx"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4557"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4557"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu647928"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/42528http"
},
{
"trust": 0.3,
"url": "http://www.raima.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/42528/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/42528/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/"
},
{
"trust": 0.1,
"url": "http://aluigi.altervista.org/adv/inbatch_1-adv.txt"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42528"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#647928"
},
{
"db": "CNVD",
"id": "CNVD-2010-3346"
},
{
"db": "VULHUB",
"id": "VHN-47162"
},
{
"db": "BID",
"id": "45245"
},
{
"db": "BID",
"id": "78742"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002872"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002656"
},
{
"db": "PACKETSTORM",
"id": "96969"
},
{
"db": "NVD",
"id": "CVE-2010-4557"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-254"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d76270f-463f-11e9-9ec2-000c29342cb1"
},
{
"db": "IVD",
"id": "8d6584dc-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#647928"
},
{
"db": "CNVD",
"id": "CNVD-2010-3346"
},
{
"db": "VULHUB",
"id": "VHN-47162"
},
{
"db": "BID",
"id": "45245"
},
{
"db": "BID",
"id": "78742"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002872"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002656"
},
{
"db": "PACKETSTORM",
"id": "96969"
},
{
"db": "NVD",
"id": "CVE-2010-4557"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-254"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-12-23T00:00:00",
"db": "IVD",
"id": "7d76270f-463f-11e9-9ec2-000c29342cb1"
},
{
"date": "2010-12-23T00:00:00",
"db": "IVD",
"id": "8d6584dc-2355-11e6-abef-000c29c66e3d"
},
{
"date": "2010-12-15T00:00:00",
"db": "CERT/CC",
"id": "VU#647928"
},
{
"date": "2010-12-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-3346"
},
{
"date": "2010-12-17T00:00:00",
"db": "VULHUB",
"id": "VHN-47162"
},
{
"date": "2010-12-07T00:00:00",
"db": "BID",
"id": "45245"
},
{
"date": "2010-12-17T00:00:00",
"db": "BID",
"id": "78742"
},
{
"date": "2011-12-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002872"
},
{
"date": "2011-01-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002656"
},
{
"date": "2010-12-25T08:43:21",
"db": "PACKETSTORM",
"id": "96969"
},
{
"date": "2010-12-17T19:00:26.293000",
"db": "NVD",
"id": "CVE-2010-4557"
},
{
"date": "2010-12-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201012-254"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-12-16T00:00:00",
"db": "CERT/CC",
"id": "VU#647928"
},
{
"date": "2010-12-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-3346"
},
{
"date": "2013-08-19T00:00:00",
"db": "VULHUB",
"id": "VHN-47162"
},
{
"date": "2010-12-15T13:34:00",
"db": "BID",
"id": "45245"
},
{
"date": "2010-12-17T00:00:00",
"db": "BID",
"id": "78742"
},
{
"date": "2011-12-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002872"
},
{
"date": "2011-01-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002656"
},
{
"date": "2013-08-19T06:17:26.870000",
"db": "NVD",
"id": "CVE-2010-4557"
},
{
"date": "2010-12-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201012-254"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "45245"
},
{
"db": "BID",
"id": "78742"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware InBatch lm_tcp Service Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d76270f-463f-11e9-9ec2-000c29342cb1"
},
{
"db": "IVD",
"id": "8d6584dc-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-3346"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-254"
}
],
"trust": 1.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "7d76270f-463f-11e9-9ec2-000c29342cb1"
},
{
"db": "IVD",
"id": "8d6584dc-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-254"
}
],
"trust": 1.0
}
}
VAR-201108-0126
Vulnerability from variot - Updated: 2023-12-18 13:25Buffer overflow in the InBatch BatchField ActiveX control for Invensys Wonderware InBatch 8.1 SP1, 9.0, and 9.0 SP1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. Invensys Wonderware inBatch is an industrial batch management software. There are three security vulnerabilities in Invensys Wonderware inBatch that exist in the GUIControls, BatchObjSrv, and BatchSecCtrl controls. Submitting a long string value to the property/method referenced by the control, enticing the client user to resolve, can trigger a denial of service attack, and successfully exploiting the vulnerability can execute arbitrary code in the context of the logged in user. Wonderware InBatch is prone to a denial-of-service vulnerability. Invensys Wonderware inBatch is prone to a remote stack-based buffer-overflow vulnerability that affects the inBatch BatchField ActiveX control. Failed exploit attempts will result in a denial-of-service condition. Invensys Wonderware inBatch 8.1 and 9.0 SP1 is vulnerable; other versions may also be affected. ----------------------------------------------------------------------
Secunia is hiring!
http://secunia.com/company/jobs/
TITLE: Wonderware InBatch BatchField ActiveX Control Buffer Overflow Vulnerability
SECUNIA ADVISORY ID: SA44336
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44336/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44336
RELEASE DATE: 2011-05-04
DISCUSS ADVISORY: http://secunia.com/advisories/44336/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/44336/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=44336
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Wonderware InBatch, which can be exploited by malicious people to compromise a user's system.
Successful exploitation may allow execution of arbitrary code.
SOLUTION: Apply updates. Contact the vendor for more information.
PROVIDED AND/OR DISCOVERED BY: US-CERT credits Jeremy Brown.
ORIGINAL ADVISORY: Wonderware: http://iom.invensys.com/EN/pdfLibrary/Final.Tech.Alert.141.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201108-0126",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware inbatch",
"scope": "eq",
"trust": 4.2,
"vendor": "invensys",
"version": "9.0"
},
{
"model": "wonderware inbatch",
"scope": "eq",
"trust": 3.3,
"vendor": "invensys",
"version": "8.1"
},
{
"model": "wonderware inbatch sp1",
"scope": "eq",
"trust": 1.8,
"vendor": "invensys",
"version": "9.0"
},
{
"model": "wonderware inbatch sp1",
"scope": "eq",
"trust": 1.2,
"vendor": "invensys",
"version": "8.1"
},
{
"model": "wonderware inbatch",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "8.1 sp1"
},
{
"model": "wonderware inbatch",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "9.0 sp1"
},
{
"model": "wonderware inbatch sp2",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "9.0"
},
{
"model": "wonderware inbatch",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "9.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware inbatch",
"version": "9.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware inbatch",
"version": "8.1"
},
{
"model": "wonderware inbatch sp1",
"scope": "eq",
"trust": 0.2,
"vendor": "invensys",
"version": "8.1*"
},
{
"model": "wonderware inbatch sp1",
"scope": "eq",
"trust": 0.2,
"vendor": "invensys",
"version": "9.0*"
},
{
"model": "wonderware inbatch",
"scope": "eq",
"trust": 0.2,
"vendor": "invensys",
"version": "9.0*"
}
],
"sources": [
{
"db": "IVD",
"id": "b6665ac4-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4a2b4532-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1472"
},
{
"db": "CNVD",
"id": "CNVD-2011-5395"
},
{
"db": "BID",
"id": "78442"
},
{
"db": "BID",
"id": "47385"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003493"
},
{
"db": "NVD",
"id": "CVE-2011-3141"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-284"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_inbatch:8.1:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_inbatch:9.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_inbatch:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-3141"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "78442"
}
],
"trust": 0.3
},
"cve": "CVE-2011-3141",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2011-3141",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "b6665ac4-2354-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "4a2b4532-1f98-11e6-abef-000c29c66e3d",
"impactScore": 7.8,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:C",
"version": "2.0 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-51086",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-3141",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201108-284",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "b6665ac4-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "4a2b4532-1f98-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-51086",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "b6665ac4-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4a2b4532-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-51086"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003493"
},
{
"db": "NVD",
"id": "CVE-2011-3141"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-284"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the InBatch BatchField ActiveX control for Invensys Wonderware InBatch 8.1 SP1, 9.0, and 9.0 SP1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. Invensys Wonderware inBatch is an industrial batch management software. There are three security vulnerabilities in Invensys Wonderware inBatch that exist in the GUIControls, BatchObjSrv, and BatchSecCtrl controls. Submitting a long string value to the property/method referenced by the control, enticing the client user to resolve, can trigger a denial of service attack, and successfully exploiting the vulnerability can execute arbitrary code in the context of the logged in user. Wonderware InBatch is prone to a denial-of-service vulnerability. Invensys Wonderware inBatch is prone to a remote stack-based buffer-overflow vulnerability that affects the inBatch BatchField ActiveX control. Failed exploit attempts will result in a denial-of-service condition. \nInvensys Wonderware inBatch 8.1 and 9.0 SP1 is vulnerable; other versions may also be affected. ----------------------------------------------------------------------\n\n\nSecunia is hiring!\n\nhttp://secunia.com/company/jobs/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nWonderware InBatch BatchField ActiveX Control Buffer Overflow\nVulnerability\n\nSECUNIA ADVISORY ID:\nSA44336\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/44336/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44336\n\nRELEASE DATE:\n2011-05-04\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/44336/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/44336/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44336\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Wonderware InBatch, which can be\nexploited by malicious people to compromise a user\u0027s system. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nSOLUTION:\nApply updates. Contact the vendor for more information. \n\nPROVIDED AND/OR DISCOVERED BY:\nUS-CERT credits Jeremy Brown. \n\nORIGINAL ADVISORY:\nWonderware:\nhttp://iom.invensys.com/EN/pdfLibrary/Final.Tech.Alert.141.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-3141"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003493"
},
{
"db": "CNVD",
"id": "CNVD-2011-1472"
},
{
"db": "CNVD",
"id": "CNVD-2011-5395"
},
{
"db": "BID",
"id": "78442"
},
{
"db": "BID",
"id": "47385"
},
{
"db": "IVD",
"id": "b6665ac4-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4a2b4532-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-51086"
},
{
"db": "PACKETSTORM",
"id": "101097"
}
],
"trust": 3.78
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "ICS CERT",
"id": "ICSA-11-094-01",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2011-3141",
"trust": 3.6
},
{
"db": "SECUNIA",
"id": "44336",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "72182",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201108-284",
"trust": 0.9
},
{
"db": "BID",
"id": "47385",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2011-5395",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-1472",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003493",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-11-332-01",
"trust": 0.6
},
{
"db": "BID",
"id": "78442",
"trust": 0.4
},
{
"db": "IVD",
"id": "B6665AC4-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "4A2B4532-1F98-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-51086",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101097",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "b6665ac4-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4a2b4532-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1472"
},
{
"db": "CNVD",
"id": "CNVD-2011-5395"
},
{
"db": "VULHUB",
"id": "VHN-51086"
},
{
"db": "BID",
"id": "78442"
},
{
"db": "BID",
"id": "47385"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003493"
},
{
"db": "PACKETSTORM",
"id": "101097"
},
{
"db": "NVD",
"id": "CVE-2011-3141"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-284"
}
]
},
"id": "VAR-201108-0126",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "b6665ac4-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4a2b4532-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1472"
},
{
"db": "CNVD",
"id": "CNVD-2011-5395"
},
{
"db": "VULHUB",
"id": "VHN-51086"
}
],
"trust": 2.3102693333333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.6
}
],
"sources": [
{
"db": "IVD",
"id": "b6665ac4-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4a2b4532-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1472"
},
{
"db": "CNVD",
"id": "CNVD-2011-5395"
}
]
},
"last_update_date": "2023-12-18T13:25:13.369000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Tech Alert 141",
"trust": 0.8,
"url": "http://iom.invensys.com/en/pdflibrary/final.tech.alert.141.pdf"
},
{
"title": "\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_hardwarepartners.aspx"
},
{
"title": "\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_softwarepartners.aspx"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/home.aspx"
},
{
"title": "Invensys Wonderware inBatch BatchField ActiveX Control Stack Buffer Overflow Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/3552"
},
{
"title": "Invensys Wonderware inBatch BatchField ActiveX Control Buffer Overflow Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/6425"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-1472"
},
{
"db": "CNVD",
"id": "CNVD-2011-5395"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003493"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-51086"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003493"
},
{
"db": "NVD",
"id": "CVE-2011-3141"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-094-01.pdf"
},
{
"trust": 2.4,
"url": "http://iom.invensys.com/en/pdflibrary/final.tech.alert.141.pdf"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/72182"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/44336"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3141"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3141"
},
{
"trust": 0.6,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-094-01.pdfhttp"
},
{
"trust": 0.6,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-332-01.pdf"
},
{
"trust": 0.3,
"url": "http://global.wonderware.com/en/pages/default.aspx"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44336/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/company/jobs/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44336"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44336/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-1472"
},
{
"db": "CNVD",
"id": "CNVD-2011-5395"
},
{
"db": "VULHUB",
"id": "VHN-51086"
},
{
"db": "BID",
"id": "78442"
},
{
"db": "BID",
"id": "47385"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003493"
},
{
"db": "PACKETSTORM",
"id": "101097"
},
{
"db": "NVD",
"id": "CVE-2011-3141"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-284"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "b6665ac4-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4a2b4532-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1472"
},
{
"db": "CNVD",
"id": "CNVD-2011-5395"
},
{
"db": "VULHUB",
"id": "VHN-51086"
},
{
"db": "BID",
"id": "78442"
},
{
"db": "BID",
"id": "47385"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003493"
},
{
"db": "PACKETSTORM",
"id": "101097"
},
{
"db": "NVD",
"id": "CVE-2011-3141"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-284"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-12-22T00:00:00",
"db": "IVD",
"id": "b6665ac4-2354-11e6-abef-000c29c66e3d"
},
{
"date": "2011-04-18T00:00:00",
"db": "IVD",
"id": "4a2b4532-1f98-11e6-abef-000c29c66e3d"
},
{
"date": "2011-04-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1472"
},
{
"date": "2011-12-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5395"
},
{
"date": "2011-08-16T00:00:00",
"db": "VULHUB",
"id": "VHN-51086"
},
{
"date": "2011-08-16T00:00:00",
"db": "BID",
"id": "78442"
},
{
"date": "2011-04-15T00:00:00",
"db": "BID",
"id": "47385"
},
{
"date": "2011-12-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003493"
},
{
"date": "2011-05-04T07:07:11",
"db": "PACKETSTORM",
"id": "101097"
},
{
"date": "2011-08-16T21:55:01.083000",
"db": "NVD",
"id": "CVE-2011-3141"
},
{
"date": "2011-08-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-284"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-04-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1472"
},
{
"date": "2011-12-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5395"
},
{
"date": "2012-03-16T00:00:00",
"db": "VULHUB",
"id": "VHN-51086"
},
{
"date": "2011-08-16T00:00:00",
"db": "BID",
"id": "78442"
},
{
"date": "2011-04-15T00:00:00",
"db": "BID",
"id": "47385"
},
{
"date": "2012-02-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003493"
},
{
"date": "2012-03-16T04:00:00",
"db": "NVD",
"id": "CVE-2011-3141"
},
{
"date": "2011-08-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-284"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "78442"
},
{
"db": "BID",
"id": "47385"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware inBatch BatchField ActiveX Control Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "b6665ac4-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5395"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-284"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "b6665ac4-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4a2b4532-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-284"
}
],
"trust": 1.0
}
}
VAR-201201-0266
Vulnerability from variot - Updated: 2023-12-18 13:25Multiple buffer overflows in the (1) GUIControls, (2) BatchObjSrv, and (3) BatchSecCtrl ActiveX controls in Invensys Wonderware InBatch 9.0 and 9.0 SP1, and InBatch 8.1 SP1, 9.0 SP2, and 9.5 Server and Runtime Clients, allow remote attackers to execute arbitrary code via a long string in a property value, a different issue than CVE-2011-3141. Invensys Wonderware InBatch Server and runtime client (1) GUIControls , (2) BatchObjSrv ,and (3) BatchSecCtrl ActiveX The control contains a buffer overflow vulnerability. This vulnerability CVE-2011-3141 Is a different vulnerability.A third party may execute arbitrary code through an excessively long string of property values. Multiple stack-based buffer overflow vulnerabilities exist in Invensys Wonderware inBatch. An attacker could exploit this vulnerability to execute arbitrary code in the context of an application that uses ActiveX controls (usually Internet Explorer), which could result in a denial of service. Failed exploit attempts will result in a denial-of-service condition. Failure to do so may result in a denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201201-0266",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware inbatch",
"scope": "eq",
"trust": 3.3,
"vendor": "invensys",
"version": "9.5"
},
{
"model": "wonderware inbatch",
"scope": "eq",
"trust": 2.7,
"vendor": "invensys",
"version": "9.0"
},
{
"model": "wonderware inbatch",
"scope": "eq",
"trust": 1.9,
"vendor": "invensys",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 1.2,
"vendor": "wonderware inbatch",
"version": "9.0"
},
{
"model": "wonderware inbatch",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "8.1 sp1"
},
{
"model": "wonderware inbatch",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "9.0 sp1"
},
{
"model": "wonderware inbatch",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "9.0 sp2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware inbatch",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware inbatch",
"version": "9.5"
},
{
"model": "wonderware inbatch sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "invensys",
"version": "9.0"
},
{
"model": "wonderware inbatch sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "invensys",
"version": "9.0"
},
{
"model": "wonderware inbatch sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "invensys",
"version": "9.5"
},
{
"model": "wonderware inbatch sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "invensys",
"version": "8.1"
}
],
"sources": [
{
"db": "IVD",
"id": "7d7340de-463f-11e9-9481-000c29342cb1"
},
{
"db": "IVD",
"id": "3d641ee0-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5603"
},
{
"db": "BID",
"id": "51129"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001032"
},
{
"db": "NVD",
"id": "CVE-2011-4870"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-380"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_inbatch:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_inbatch:9.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_inbatch:8.1:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_inbatch:9.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_inbatch:9.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4870"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kuang-Chun Hung of the Security Research and Service Institute-Information and Communication Security Technology Center",
"sources": [
{
"db": "BID",
"id": "51129"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-380"
}
],
"trust": 0.9
},
"cve": "CVE-2011-4870",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2011-4870",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2011-5603",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "7d7340de-463f-11e9-9481-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "3d641ee0-2354-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-52815",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-4870",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2011-5603",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201112-380",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d7340de-463f-11e9-9481-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "3d641ee0-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-52815",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7340de-463f-11e9-9481-000c29342cb1"
},
{
"db": "IVD",
"id": "3d641ee0-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5603"
},
{
"db": "VULHUB",
"id": "VHN-52815"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001032"
},
{
"db": "NVD",
"id": "CVE-2011-4870"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-380"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple buffer overflows in the (1) GUIControls, (2) BatchObjSrv, and (3) BatchSecCtrl ActiveX controls in Invensys Wonderware InBatch 9.0 and 9.0 SP1, and InBatch 8.1 SP1, 9.0 SP2, and 9.5 Server and Runtime Clients, allow remote attackers to execute arbitrary code via a long string in a property value, a different issue than CVE-2011-3141. Invensys Wonderware InBatch Server and runtime client (1) GUIControls , (2) BatchObjSrv ,and (3) BatchSecCtrl ActiveX The control contains a buffer overflow vulnerability. This vulnerability CVE-2011-3141 Is a different vulnerability.A third party may execute arbitrary code through an excessively long string of property values. Multiple stack-based buffer overflow vulnerabilities exist in Invensys Wonderware inBatch. An attacker could exploit this vulnerability to execute arbitrary code in the context of an application that uses ActiveX controls (usually Internet Explorer), which could result in a denial of service. Failed exploit attempts will result in a denial-of-service condition. Failure to do so may result in a denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4870"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001032"
},
{
"db": "CNVD",
"id": "CNVD-2011-5603"
},
{
"db": "BID",
"id": "51129"
},
{
"db": "IVD",
"id": "7d7340de-463f-11e9-9481-000c29342cb1"
},
{
"db": "IVD",
"id": "3d641ee0-2354-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-52815"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-4870",
"trust": 3.8
},
{
"db": "BID",
"id": "51129",
"trust": 2.6
},
{
"db": "ICS CERT",
"id": "ICSA-11-332-01A",
"trust": 2.5
},
{
"db": "CNNVD",
"id": "CNNVD-201112-380",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2011-5603",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001032",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-11-332-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "7D7340DE-463F-11E9-9481-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "3D641EE0-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-52815",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d7340de-463f-11e9-9481-000c29342cb1"
},
{
"db": "IVD",
"id": "3d641ee0-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5603"
},
{
"db": "VULHUB",
"id": "VHN-52815"
},
{
"db": "BID",
"id": "51129"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001032"
},
{
"db": "NVD",
"id": "CVE-2011-4870"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-380"
}
]
},
"id": "VAR-201201-0266",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7340de-463f-11e9-9481-000c29342cb1"
},
{
"db": "IVD",
"id": "3d641ee0-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5603"
},
{
"db": "VULHUB",
"id": "VHN-52815"
}
],
"trust": 1.7102693333333336
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d7340de-463f-11e9-9481-000c29342cb1"
},
{
"db": "IVD",
"id": "3d641ee0-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5603"
}
]
},
"last_update_date": "2023-12-18T13:25:13.326000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com"
},
{
"title": "Wonderware \u65e5\u672c\u306e\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/jppartnerssi.aspx"
},
{
"title": "Wonderware Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/default.aspx"
},
{
"title": "Invensys Wonderware inBatch \\342\\200\\230ActiveX\\342\\200\\231 Control Buffer Overflow Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/35885"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-5603"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001032"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-52815"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001032"
},
{
"db": "NVD",
"id": "CVE-2011-4870"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-332-01a.pdf"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/51129"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4870"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4870"
},
{
"trust": 0.3,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-332-01.pdf"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/kb/240797"
},
{
"trust": 0.3,
"url": "http://global.wonderware.com/en/pages/default.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-5603"
},
{
"db": "VULHUB",
"id": "VHN-52815"
},
{
"db": "BID",
"id": "51129"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001032"
},
{
"db": "NVD",
"id": "CVE-2011-4870"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-380"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d7340de-463f-11e9-9481-000c29342cb1"
},
{
"db": "IVD",
"id": "3d641ee0-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5603"
},
{
"db": "VULHUB",
"id": "VHN-52815"
},
{
"db": "BID",
"id": "51129"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001032"
},
{
"db": "NVD",
"id": "CVE-2011-4870"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-380"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-12-22T00:00:00",
"db": "IVD",
"id": "7d7340de-463f-11e9-9481-000c29342cb1"
},
{
"date": "2011-12-22T00:00:00",
"db": "IVD",
"id": "3d641ee0-2354-11e6-abef-000c29c66e3d"
},
{
"date": "2011-12-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5603"
},
{
"date": "2012-01-08T00:00:00",
"db": "VULHUB",
"id": "VHN-52815"
},
{
"date": "2011-12-20T00:00:00",
"db": "BID",
"id": "51129"
},
{
"date": "2012-01-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001032"
},
{
"date": "2012-01-08T00:55:02.130000",
"db": "NVD",
"id": "CVE-2011-4870"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201112-380"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-12-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5603"
},
{
"date": "2012-01-09T00:00:00",
"db": "VULHUB",
"id": "VHN-52815"
},
{
"date": "2012-01-04T16:50:00",
"db": "BID",
"id": "51129"
},
{
"date": "2012-01-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001032"
},
{
"date": "2012-01-09T05:00:00",
"db": "NVD",
"id": "CVE-2011-4870"
},
{
"date": "2011-12-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201112-380"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201112-380"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware InBatch of ActiveX Control buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001032"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "7d7340de-463f-11e9-9481-000c29342cb1"
},
{
"db": "IVD",
"id": "3d641ee0-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-380"
}
],
"trust": 1.0
}
}
VAR-201212-0033
Vulnerability from variot - Updated: 2023-12-18 13:04Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite use a weak encryption algorithm for data in Ps_security.ini, which makes it easier for local users to discover passwords by reading this file. Siemens ProcessSuite/Invensys Wonderware InTouch is the distributed control system \"APACS\". ProcessSuite is mostly used in manufacturing, oil and gas, and chemical fields. InTouch is an HMI software. Since the user management system containing the password is stored in the file \"Ps_security.ini\" in a reversible format, users with read access can exploit this vulnerability to obtain password information and log in as a privileged user, affecting system integrity, availability, and confidentiality. Successful attacks can allow a local attacker to gain unauthorized access to the password file. Information obtained may lead to further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201212-0033",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "processsuite",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": null
},
{
"model": "processsuite",
"scope": null,
"trust": 1.4,
"vendor": "siemens",
"version": null
},
{
"model": "wonderware intouch",
"scope": "lte",
"trust": 1.0,
"vendor": "invensys",
"version": "2012"
},
{
"model": "intouch",
"scope": "lte",
"trust": 0.8,
"vendor": "invensys",
"version": "2012 r2"
},
{
"model": "intouch r2",
"scope": "lte",
"trust": 0.6,
"vendor": "wonderware",
"version": "\u003c=2012"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware intouch",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "processsuite",
"version": null
},
{
"model": "processsuite",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "wonderware intouch r2",
"scope": "eq",
"trust": 0.3,
"vendor": "invensys",
"version": "2012"
}
],
"sources": [
{
"db": "IVD",
"id": "2bdb356a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "2d9d0cc0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-7479"
},
{
"db": "BID",
"id": "56934"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005760"
},
{
"db": "NVD",
"id": "CVE-2012-4693"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-204"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:processsuite:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_intouch:*:r2:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2012",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4693"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Seth Bromberger of NCI Security",
"sources": [
{
"db": "BID",
"id": "56934"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-204"
}
],
"trust": 0.9
},
"cve": "CVE-2012-4693",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 1.9,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-4693",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "2bdb356a-2353-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "2d9d0cc0-2353-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "VHN-57974",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-4693",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201212-204",
"trust": 0.6,
"value": "LOW"
},
{
"author": "IVD",
"id": "2bdb356a-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
},
{
"author": "IVD",
"id": "2d9d0cc0-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-57974",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "2bdb356a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "2d9d0cc0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-57974"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005760"
},
{
"db": "NVD",
"id": "CVE-2012-4693"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-204"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite use a weak encryption algorithm for data in Ps_security.ini, which makes it easier for local users to discover passwords by reading this file. Siemens ProcessSuite/Invensys Wonderware InTouch is the distributed control system \\\"APACS\\\". ProcessSuite is mostly used in manufacturing, oil and gas, and chemical fields. InTouch is an HMI software. Since the user management system containing the password is stored in the file \\\"Ps_security.ini\\\" in a reversible format, users with read access can exploit this vulnerability to obtain password information and log in as a privileged user, affecting system integrity, availability, and confidentiality. \nSuccessful attacks can allow a local attacker to gain unauthorized access to the password file. Information obtained may lead to further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4693"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005760"
},
{
"db": "CNVD",
"id": "CNVD-2012-7479"
},
{
"db": "BID",
"id": "56934"
},
{
"db": "IVD",
"id": "2bdb356a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "2d9d0cc0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-57974"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4693",
"trust": 3.8
},
{
"db": "ICS CERT",
"id": "ICSA-12-348-01",
"trust": 3.1
},
{
"db": "SIEMENS",
"id": "SSA-370812",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201212-204",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2012-7479",
"trust": 1.0
},
{
"db": "BID",
"id": "56934",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005760",
"trust": 0.8
},
{
"db": "IVD",
"id": "2BDB356A-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "2D9D0CC0-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-57974",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "2bdb356a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "2d9d0cc0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-7479"
},
{
"db": "VULHUB",
"id": "VHN-57974"
},
{
"db": "BID",
"id": "56934"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005760"
},
{
"db": "NVD",
"id": "CVE-2012-4693"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-204"
}
]
},
"id": "VAR-201212-0033",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "2bdb356a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "2d9d0cc0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-7479"
},
{
"db": "VULHUB",
"id": "VHN-57974"
}
],
"trust": 1.74760684
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "2bdb356a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "2d9d0cc0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-7479"
}
]
},
"last_update_date": "2023-12-18T13:04:16.653000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://iom.invensys.com/en/pages/home.aspx"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.siemens.com/entry/cc/en/"
},
{
"title": "SSA-370812: Insecure Password Storage in Siemens ProcessSuite (discontinued product)",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-370812.pdf"
},
{
"title": "Wonderware \u65e5\u672c\u306e\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/jppartnerssi.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.siemens.com/answers/jp/ja/"
},
{
"title": "Wonderware Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/default.aspx"
},
{
"title": "Siemens ProcessSuite/Invensys Wonderware InTouch Local Information Disclosure Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/26553"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-7479"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005760"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57974"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005760"
},
{
"db": "NVD",
"id": "CVE-2012-4693"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-348-01.pdf"
},
{
"trust": 1.7,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-370812.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4693"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4693"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/56934"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-7479"
},
{
"db": "VULHUB",
"id": "VHN-57974"
},
{
"db": "BID",
"id": "56934"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005760"
},
{
"db": "NVD",
"id": "CVE-2012-4693"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-204"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "2bdb356a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "2d9d0cc0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-7479"
},
{
"db": "VULHUB",
"id": "VHN-57974"
},
{
"db": "BID",
"id": "56934"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005760"
},
{
"db": "NVD",
"id": "CVE-2012-4693"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-204"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-12-17T00:00:00",
"db": "IVD",
"id": "2bdb356a-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-12-17T00:00:00",
"db": "IVD",
"id": "2d9d0cc0-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-12-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-7479"
},
{
"date": "2012-12-18T00:00:00",
"db": "VULHUB",
"id": "VHN-57974"
},
{
"date": "2012-12-13T00:00:00",
"db": "BID",
"id": "56934"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005760"
},
{
"date": "2012-12-18T12:30:05.857000",
"db": "NVD",
"id": "CVE-2012-4693"
},
{
"date": "2012-12-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201212-204"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-12-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-7479"
},
{
"date": "2012-12-19T00:00:00",
"db": "VULHUB",
"id": "VHN-57974"
},
{
"date": "2012-12-13T00:00:00",
"db": "BID",
"id": "56934"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005760"
},
{
"date": "2012-12-19T05:00:00",
"db": "NVD",
"id": "CVE-2012-4693"
},
{
"date": "2012-12-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201212-204"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "56934"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-204"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens ProcessSuite/Invensys Wonderware InTouch Local Information Disclosure Vulnerability",
"sources": [
{
"db": "IVD",
"id": "2bdb356a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "2d9d0cc0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-7479"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-204"
}
],
"trust": 1.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201212-204"
}
],
"trust": 0.6
}
}
VAR-201107-0262
Vulnerability from variot - Updated: 2023-12-18 12:52Multiple stack-based buffer overflows in Invensys Wonderware Information Server 3.1, 4.0, and 4.0 SP1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via two unspecified ActiveX controls. Invensys Wonderware Information Server is a key component of Wonderware's enterprise manufacturing intelligence solution. Invensys Wonderware Information Server is a graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. An attacker could build a malicious file or WEB page to trick the user into parsing to trigger this vulnerability. Invensys Wonderware Info Server is prone to a multiple unspecified remote code-esecution vulnerabilities in an unspecified ActiveX control. Failed exploit attempts will result in a denial-of-service condition. Invensys Wonderware Info Server versions 3.1, 4.0, and 4.0 SP1 are vulnerable. ----------------------------------------------------------------------
The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242
TITLE: Wonderware Information Server Unspecified ActiveX Controls Buffer Overflow Vulnerabilities
SECUNIA ADVISORY ID: SA45476
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45476/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45476
RELEASE DATE: 2011-08-04
DISCUSS ADVISORY: http://secunia.com/advisories/45476/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/45476/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=45476
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Some vulnerabilities have been reported in Wonderware Information Server, which can be exploited by malicious people to compromise a user's system.
Successful exploitation may allow execution of arbitrary code.
SOLUTION: Reportedly a patch has been released. Contact the vendor for further information.
PROVIDED AND/OR DISCOVERED BY: Billy Rios and Terry McCorkle via ICS-CERT.
ORIGINAL ADVISORY: ICS-CERT (ICSA-11-195-01): http://www.us-cert.gov/control_systems/pdf/ICSA-11-195-01.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201107-0262",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware information server",
"scope": "eq",
"trust": 3.9,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 3.9,
"vendor": "invensys",
"version": "3.1"
},
{
"model": "wonderware information server sp1",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wonderware information server",
"version": "4.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "4.0 sp1"
},
{
"model": "wonderware information server 4.0:sp1",
"scope": null,
"trust": 0.6,
"vendor": "invensys",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware information server",
"version": "3.1"
}
],
"sources": [
{
"db": "IVD",
"id": "c2676200-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "da232c00-1f8d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2975"
},
{
"db": "CNVD",
"id": "CNVD-2011-3019"
},
{
"db": "BID",
"id": "48976"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003491"
},
{
"db": "NVD",
"id": "CVE-2011-2962"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-459"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2962"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Reported by the vendor",
"sources": [
{
"db": "BID",
"id": "48976"
}
],
"trust": 0.3
},
"cve": "CVE-2011-2962",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2011-2962",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "c2676200-2354-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "da232c00-1f8d-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-50907",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-2962",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201107-459",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "c2676200-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "da232c00-1f8d-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-50907",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "c2676200-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "da232c00-1f8d-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-50907"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003491"
},
{
"db": "NVD",
"id": "CVE-2011-2962"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-459"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple stack-based buffer overflows in Invensys Wonderware Information Server 3.1, 4.0, and 4.0 SP1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via two unspecified ActiveX controls. Invensys Wonderware Information Server is a key component of Wonderware\u0027s enterprise manufacturing intelligence solution. Invensys Wonderware Information Server is a graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. An attacker could build a malicious file or WEB page to trick the user into parsing to trigger this vulnerability. Invensys Wonderware Info Server is prone to a multiple unspecified remote code-esecution vulnerabilities in an unspecified ActiveX control. Failed exploit attempts will result in a denial-of-service condition. \nInvensys Wonderware Info Server versions 3.1, 4.0, and 4.0 SP1 are vulnerable. ----------------------------------------------------------------------\n\nThe Secunia CSI 5.0 Beta - now available for testing\nFind out more, take a free test drive, and share your opinion with us: \nhttp://secunia.com/blog/242 \n\n----------------------------------------------------------------------\n\nTITLE:\nWonderware Information Server Unspecified ActiveX Controls Buffer\nOverflow Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA45476\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45476/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45476\n\nRELEASE DATE:\n2011-08-04\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45476/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45476/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45476\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in Wonderware Information\nServer, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nSOLUTION:\nReportedly a patch has been released. Contact the vendor for further\ninformation. \n\nPROVIDED AND/OR DISCOVERED BY:\nBilly Rios and Terry McCorkle via ICS-CERT. \n\nORIGINAL ADVISORY:\nICS-CERT (ICSA-11-195-01):\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-11-195-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2962"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003491"
},
{
"db": "CNVD",
"id": "CNVD-2011-2975"
},
{
"db": "CNVD",
"id": "CNVD-2011-3019"
},
{
"db": "BID",
"id": "48976"
},
{
"db": "IVD",
"id": "c2676200-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "da232c00-1f8d-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-50907"
},
{
"db": "PACKETSTORM",
"id": "103718"
}
],
"trust": 3.51
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-2962",
"trust": 4.4
},
{
"db": "ICS CERT",
"id": "ICSA-11-195-01",
"trust": 3.5
},
{
"db": "BID",
"id": "48976",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "45476",
"trust": 1.3
},
{
"db": "CNNVD",
"id": "CNNVD-201107-459",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2011-3019",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-2975",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003491",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "17447",
"trust": 0.6
},
{
"db": "IVD",
"id": "C2676200-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "DA232C00-1F8D-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-50907",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103718",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "c2676200-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "da232c00-1f8d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2975"
},
{
"db": "CNVD",
"id": "CNVD-2011-3019"
},
{
"db": "VULHUB",
"id": "VHN-50907"
},
{
"db": "BID",
"id": "48976"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003491"
},
{
"db": "PACKETSTORM",
"id": "103718"
},
{
"db": "NVD",
"id": "CVE-2011-2962"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-459"
}
]
},
"id": "VAR-201107-0262",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "c2676200-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "da232c00-1f8d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2975"
},
{
"db": "CNVD",
"id": "CNVD-2011-3019"
},
{
"db": "VULHUB",
"id": "VHN-50907"
}
],
"trust": 2.4222222
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.6
}
],
"sources": [
{
"db": "IVD",
"id": "c2676200-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "da232c00-1f8d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2975"
},
{
"db": "CNVD",
"id": "CNVD-2011-3019"
}
]
},
"last_update_date": "2023-12-18T12:52:25.497000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/en/pages/default.aspx"
},
{
"title": "\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_hardwarepartners.aspx"
},
{
"title": "\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_softwarepartners.aspx"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/home.aspx"
},
{
"title": "Patch for Invensys Wonderware Information Server Stack Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4605"
},
{
"title": "Patch for Invensys Wonderware Info Server ActiveX Control Unknown Remote Code Execution Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4610"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2975"
},
{
"db": "CNVD",
"id": "CNVD-2011-3019"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003491"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50907"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003491"
},
{
"db": "NVD",
"id": "CVE-2011-2962"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-195-01.pdf"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/48976"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/45476"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68988"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2962"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2962"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/48976/info"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/17447"
},
{
"trust": 0.3,
"url": "http://global.wonderware.com/en/pages/default.aspx"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/242"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45476/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45476/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45476"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2975"
},
{
"db": "CNVD",
"id": "CNVD-2011-3019"
},
{
"db": "VULHUB",
"id": "VHN-50907"
},
{
"db": "BID",
"id": "48976"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003491"
},
{
"db": "PACKETSTORM",
"id": "103718"
},
{
"db": "NVD",
"id": "CVE-2011-2962"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-459"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "c2676200-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "da232c00-1f8d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2975"
},
{
"db": "CNVD",
"id": "CNVD-2011-3019"
},
{
"db": "VULHUB",
"id": "VHN-50907"
},
{
"db": "BID",
"id": "48976"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003491"
},
{
"db": "PACKETSTORM",
"id": "103718"
},
{
"db": "NVD",
"id": "CVE-2011-2962"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-459"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-04T00:00:00",
"db": "IVD",
"id": "c2676200-2354-11e6-abef-000c29c66e3d"
},
{
"date": "2011-08-03T00:00:00",
"db": "IVD",
"id": "da232c00-1f8d-11e6-abef-000c29c66e3d"
},
{
"date": "2011-08-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2975"
},
{
"date": "2011-08-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3019"
},
{
"date": "2011-07-29T00:00:00",
"db": "VULHUB",
"id": "VHN-50907"
},
{
"date": "2011-08-03T00:00:00",
"db": "BID",
"id": "48976"
},
{
"date": "2011-12-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003491"
},
{
"date": "2011-08-04T02:56:21",
"db": "PACKETSTORM",
"id": "103718"
},
{
"date": "2011-07-29T19:55:04.140000",
"db": "NVD",
"id": "CVE-2011-2962"
},
{
"date": "2011-07-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-459"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2975"
},
{
"date": "2011-08-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3019"
},
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-50907"
},
{
"date": "2011-08-03T00:00:00",
"db": "BID",
"id": "48976"
},
{
"date": "2012-02-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003491"
},
{
"date": "2017-08-29T01:29:53.333000",
"db": "NVD",
"id": "CVE-2011-2962"
},
{
"date": "2011-08-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-459"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201107-459"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware Info Server ActiveX Control Unknown Remote Code Execution Vulnerability",
"sources": [
{
"db": "IVD",
"id": "c2676200-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3019"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "c2676200-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "da232c00-1f8d-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-459"
}
],
"trust": 1.0
}
}
VAR-201204-0163
Vulnerability from variot - Updated: 2023-12-18 12:52Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA Application Object Toolkit 3.2 and earlier, and InTouch 10.0 through 10.5 might allow remote attackers to execute arbitrary code via a long string to the Open member, leading to a function-pointer overwrite. Invensys is a leading provider of automation and information technology, systems, software solutions, services and consulting for the manufacturing and infrastructure industries. Invensys WWCabFile AciveX component has a heap-based buffer overflow. Multiple Invensys products are prone to multiple heap-based buffer-overflow vulnerabilities. Attackers may exploit these issues to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: Invensys Products ActiveX Control Buffer Overflow Vulnerabilities
SECUNIA ADVISORY ID: SA48675
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48675/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48675
RELEASE DATE: 2012-04-02
DISCUSS ADVISORY: http://secunia.com/advisories/48675/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/48675/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=48675
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Two vulnerabilities have been reported in Invensys products, which can be exploited by malicious people to compromise a user's system.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code. * Invensys Wonderware InTouch versions 10.0 through 10.5.
SOLUTION: Install patch. Please see the vendor's advisory for more information.
PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Celil Unuver, SignalSec Corporation.
ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-081-01.pdf
Wonderware (requires login): https://wdnresource.wonderware.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000071.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201204-0163",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "intouch",
"scope": "eq",
"trust": 2.5,
"vendor": "invensys",
"version": "10.0"
},
{
"model": "intouch",
"scope": "eq",
"trust": 2.5,
"vendor": "invensys",
"version": "10.5"
},
{
"model": "archestra application object toolkit",
"scope": "lte",
"trust": 1.8,
"vendor": "invensys",
"version": "3.2"
},
{
"model": "foxboro control software",
"scope": "lte",
"trust": 1.8,
"vendor": "invensys",
"version": "3.1"
},
{
"model": "infusion control edition",
"scope": "lte",
"trust": 1.8,
"vendor": "invensys",
"version": "2.5"
},
{
"model": "infusion foundation edition",
"scope": "lte",
"trust": 1.8,
"vendor": "invensys",
"version": "2.5"
},
{
"model": "infusion scada",
"scope": "lte",
"trust": 1.8,
"vendor": "invensys",
"version": "2.5"
},
{
"model": "wonderware application server",
"scope": "lte",
"trust": 1.8,
"vendor": "invensys",
"version": "2012"
},
{
"model": "wonderware information server",
"scope": "lte",
"trust": 1.8,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.5,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "foxboro control software",
"scope": "eq",
"trust": 1.5,
"vendor": "invensys",
"version": "3.1"
},
{
"model": "archestra application object toolkit",
"scope": "eq",
"trust": 1.5,
"vendor": "invensys",
"version": "3.2"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.0,
"vendor": "invensys",
"version": "3.1"
},
{
"model": "wonderware application server",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "20120"
},
{
"model": "infusion ce/fe/scada",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "2.5"
},
{
"model": "intouch",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "10.0 to 10.5"
},
{
"model": "wonderware application server",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "2012"
},
{
"model": "infusion control edition",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "2.5"
},
{
"model": "infusion scada",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "2.5"
},
{
"model": "infusion foundation edition",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware information server",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "archestra application object toolkit",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "foxboro control",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "infusion control edition",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "infusion edition",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "infusion scada",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intouch",
"version": "10.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intouch",
"version": "10.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware application server",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "3.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "f9b5871a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1690"
},
{
"db": "BID",
"id": "52835"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001987"
},
{
"db": "NVD",
"id": "CVE-2012-0257"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-596"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2012",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:infusion_scada:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:archestra_application_object_toolkit:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:intouch:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:intouch:10.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:infusion_control_edition:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:infusion_foundation_edition:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:foxboro_control_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-0257"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Celil Unuver of SignalSec Corporation",
"sources": [
{
"db": "BID",
"id": "52835"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-596"
}
],
"trust": 0.9
},
"cve": "CVE-2012-0257",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-0257",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "f9b5871a-2353-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-53538",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-0257",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201203-596",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "f9b5871a-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-53538",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "f9b5871a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-53538"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001987"
},
{
"db": "NVD",
"id": "CVE-2012-0257"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-596"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA Application Object Toolkit 3.2 and earlier, and InTouch 10.0 through 10.5 might allow remote attackers to execute arbitrary code via a long string to the Open member, leading to a function-pointer overwrite. Invensys is a leading provider of automation and information technology, systems, software solutions, services and consulting for the manufacturing and infrastructure industries. Invensys WWCabFile AciveX component has a heap-based buffer overflow. Multiple Invensys products are prone to multiple heap-based buffer-overflow vulnerabilities. \nAttackers may exploit these issues to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nInvensys Products ActiveX Control Buffer Overflow Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA48675\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/48675/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48675\n\nRELEASE DATE:\n2012-04-02\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/48675/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/48675/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48675\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nTwo vulnerabilities have been reported in Invensys products, which\ncan be exploited by malicious people to compromise a user\u0027s system. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n* Invensys Wonderware InTouch versions 10.0 through 10.5. \n\nSOLUTION:\nInstall patch. Please see the vendor\u0027s advisory for more information. \n\nPROVIDED AND/OR DISCOVERED BY:\nICS-CERT credits Celil Unuver, SignalSec Corporation. \n\nORIGINAL ADVISORY:\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-081-01.pdf\n\nWonderware (requires login):\nhttps://wdnresource.wonderware.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000071.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-0257"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001987"
},
{
"db": "CNVD",
"id": "CNVD-2012-1690"
},
{
"db": "BID",
"id": "52835"
},
{
"db": "IVD",
"id": "f9b5871a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-53538"
},
{
"db": "PACKETSTORM",
"id": "111462"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-0257",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-081-01",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "48675",
"trust": 1.9
},
{
"db": "OSVDB",
"id": "80891",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201203-596",
"trust": 0.9
},
{
"db": "BID",
"id": "52835",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-1690",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001987",
"trust": 0.8
},
{
"db": "IVD",
"id": "F9B5871A-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-53538",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "111462",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "f9b5871a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1690"
},
{
"db": "VULHUB",
"id": "VHN-53538"
},
{
"db": "BID",
"id": "52835"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001987"
},
{
"db": "PACKETSTORM",
"id": "111462"
},
{
"db": "NVD",
"id": "CVE-2012-0257"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-596"
}
]
},
"id": "VAR-201204-0163",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "f9b5871a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1690"
},
{
"db": "VULHUB",
"id": "VHN-53538"
}
],
"trust": 1.5170465000000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "f9b5871a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1690"
}
]
},
"last_update_date": "2023-12-18T12:52:18.589000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/en/pages/default.aspx"
},
{
"title": "\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_hardwarepartners.aspx"
},
{
"title": "\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_softwarepartners.aspx"
},
{
"title": "Wonderware \u65e5\u672c\u306e\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/jppartnerssi.aspx"
},
{
"title": "Wonderware Top Page",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/home.aspx"
},
{
"title": "Patch for Multiple Invensys Products Remote Heap Buffer Overflow Vulnerability (CNVD-2012-1690)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/15178"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1690"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001987"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-53538"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001987"
},
{
"db": "NVD",
"id": "CVE-2012-0257"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-081-01.pdf"
},
{
"trust": 1.8,
"url": "https://wdnresource.wonderware.com/support/docs/_securitybulletins/security_bulletin_lfsec00000071.pdf"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/48675"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80891"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0257"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0257"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/52835"
},
{
"trust": 0.3,
"url": "http://global.wonderware.com/en/pages/default.aspx"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48675/"
},
{
"trust": 0.1,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48675/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48675"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1690"
},
{
"db": "VULHUB",
"id": "VHN-53538"
},
{
"db": "BID",
"id": "52835"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001987"
},
{
"db": "PACKETSTORM",
"id": "111462"
},
{
"db": "NVD",
"id": "CVE-2012-0257"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-596"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "f9b5871a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1690"
},
{
"db": "VULHUB",
"id": "VHN-53538"
},
{
"db": "BID",
"id": "52835"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001987"
},
{
"db": "PACKETSTORM",
"id": "111462"
},
{
"db": "NVD",
"id": "CVE-2012-0257"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-596"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-04-01T00:00:00",
"db": "IVD",
"id": "f9b5871a-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-04-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1690"
},
{
"date": "2012-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-53538"
},
{
"date": "2012-03-30T00:00:00",
"db": "BID",
"id": "52835"
},
{
"date": "2012-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001987"
},
{
"date": "2012-04-02T05:26:16",
"db": "PACKETSTORM",
"id": "111462"
},
{
"date": "2012-04-02T20:55:02.187000",
"db": "NVD",
"id": "CVE-2012-0257"
},
{
"date": "2012-03-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-596"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-04-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1690"
},
{
"date": "2013-03-26T00:00:00",
"db": "VULHUB",
"id": "VHN-53538"
},
{
"date": "2012-03-30T00:00:00",
"db": "BID",
"id": "52835"
},
{
"date": "2012-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001987"
},
{
"date": "2013-03-26T03:32:04.500000",
"db": "NVD",
"id": "CVE-2012-0257"
},
{
"date": "2012-04-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-596"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201203-596"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Invensys Heap-based buffer overflow vulnerability in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001987"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "f9b5871a-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-596"
}
],
"trust": 0.8
}
}
VAR-201204-0164
Vulnerability from variot - Updated: 2023-12-18 12:52Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA Application Object Toolkit 3.2 and earlier, and InTouch 10.0 through 10.5 might allow remote attackers to execute arbitrary code via a long string to the AddFile member. Invensys is a leading provider of automation and information technology, systems, software solutions, services and consulting for the manufacturing and infrastructure industries. Multiple Invensys products are prone to multiple heap-based buffer-overflow vulnerabilities. Attackers may exploit these issues to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: Invensys Products ActiveX Control Buffer Overflow Vulnerabilities
SECUNIA ADVISORY ID: SA48675
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48675/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48675
RELEASE DATE: 2012-04-02
DISCUSS ADVISORY: http://secunia.com/advisories/48675/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/48675/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=48675
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Two vulnerabilities have been reported in Invensys products, which can be exploited by malicious people to compromise a user's system.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code. * Invensys Wonderware InTouch versions 10.0 through 10.5.
SOLUTION: Install patch. Please see the vendor's advisory for more information.
PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Celil Unuver, SignalSec Corporation.
ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-081-01.pdf
Wonderware (requires login): https://wdnresource.wonderware.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000071.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201204-0164",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "intouch",
"scope": "eq",
"trust": 2.5,
"vendor": "invensys",
"version": "10.0"
},
{
"model": "intouch",
"scope": "eq",
"trust": 2.5,
"vendor": "invensys",
"version": "10.5"
},
{
"model": "archestra application object toolkit",
"scope": "lte",
"trust": 1.8,
"vendor": "invensys",
"version": "3.2"
},
{
"model": "foxboro control software",
"scope": "lte",
"trust": 1.8,
"vendor": "invensys",
"version": "3.1"
},
{
"model": "infusion control edition",
"scope": "lte",
"trust": 1.8,
"vendor": "invensys",
"version": "2.5"
},
{
"model": "infusion foundation edition",
"scope": "lte",
"trust": 1.8,
"vendor": "invensys",
"version": "2.5"
},
{
"model": "infusion scada",
"scope": "lte",
"trust": 1.8,
"vendor": "invensys",
"version": "2.5"
},
{
"model": "wonderware application server",
"scope": "lte",
"trust": 1.8,
"vendor": "invensys",
"version": "2012"
},
{
"model": "wonderware information server",
"scope": "lte",
"trust": 1.8,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.5,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "archestra application object toolkit",
"scope": "eq",
"trust": 1.5,
"vendor": "invensys",
"version": "3.2"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.0,
"vendor": "invensys",
"version": "3.1"
},
{
"model": "wonderware application server",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "20120"
},
{
"model": "infusion ce/fe/scada",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "2.5"
},
{
"model": "foxboro control software",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "3.1"
},
{
"model": "intouch",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "10.0 to 10.5"
},
{
"model": "wonderware application server",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "2012"
},
{
"model": "infusion control edition",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "2.5"
},
{
"model": "infusion scada",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "2.5"
},
{
"model": "infusion foundation edition",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware information server",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "archestra application object toolkit",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "foxboro control",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "infusion control edition",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "infusion edition",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "infusion scada",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intouch",
"version": "10.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intouch",
"version": "10.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware application server",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "3.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "f9a8b710-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1691"
},
{
"db": "BID",
"id": "52835"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001988"
},
{
"db": "NVD",
"id": "CVE-2012-0258"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-597"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:foxboro_control_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:infusion_control_edition:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2012",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:infusion_foundation_edition:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:infusion_scada:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:intouch:10.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:archestra_application_object_toolkit:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:intouch:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-0258"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Celil Unuver of SignalSec Corporation",
"sources": [
{
"db": "BID",
"id": "52835"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-597"
}
],
"trust": 0.9
},
"cve": "CVE-2012-0258",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-0258",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "f9a8b710-2353-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-53539",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-0258",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201203-597",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "f9a8b710-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-53539",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "f9a8b710-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-53539"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001988"
},
{
"db": "NVD",
"id": "CVE-2012-0258"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-597"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA Application Object Toolkit 3.2 and earlier, and InTouch 10.0 through 10.5 might allow remote attackers to execute arbitrary code via a long string to the AddFile member. Invensys is a leading provider of automation and information technology, systems, software solutions, services and consulting for the manufacturing and infrastructure industries. Multiple Invensys products are prone to multiple heap-based buffer-overflow vulnerabilities. \nAttackers may exploit these issues to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nInvensys Products ActiveX Control Buffer Overflow Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA48675\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/48675/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48675\n\nRELEASE DATE:\n2012-04-02\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/48675/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/48675/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48675\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nTwo vulnerabilities have been reported in Invensys products, which\ncan be exploited by malicious people to compromise a user\u0027s system. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n* Invensys Wonderware InTouch versions 10.0 through 10.5. \n\nSOLUTION:\nInstall patch. Please see the vendor\u0027s advisory for more information. \n\nPROVIDED AND/OR DISCOVERED BY:\nICS-CERT credits Celil Unuver, SignalSec Corporation. \n\nORIGINAL ADVISORY:\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-081-01.pdf\n\nWonderware (requires login):\nhttps://wdnresource.wonderware.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000071.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-0258"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001988"
},
{
"db": "CNVD",
"id": "CNVD-2012-1691"
},
{
"db": "BID",
"id": "52835"
},
{
"db": "IVD",
"id": "f9a8b710-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-53539"
},
{
"db": "PACKETSTORM",
"id": "111462"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-0258",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-081-01",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "48675",
"trust": 1.9
},
{
"db": "OSVDB",
"id": "80891",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201203-597",
"trust": 0.9
},
{
"db": "BID",
"id": "52835",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-1691",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001988",
"trust": 0.8
},
{
"db": "IVD",
"id": "F9A8B710-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-53539",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "111462",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "f9a8b710-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1691"
},
{
"db": "VULHUB",
"id": "VHN-53539"
},
{
"db": "BID",
"id": "52835"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001988"
},
{
"db": "PACKETSTORM",
"id": "111462"
},
{
"db": "NVD",
"id": "CVE-2012-0258"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-597"
}
]
},
"id": "VAR-201204-0164",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "f9a8b710-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1691"
},
{
"db": "VULHUB",
"id": "VHN-53539"
}
],
"trust": 1.5170465000000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "f9a8b710-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1691"
}
]
},
"last_update_date": "2023-12-18T12:52:18.529000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/en/pages/default.aspx"
},
{
"title": "\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_hardwarepartners.aspx"
},
{
"title": "\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_softwarepartners.aspx"
},
{
"title": "Wonderware \u65e5\u672c\u306e\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/jppartnerssi.aspx"
},
{
"title": "Wonderware Top Page",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/home.aspx"
},
{
"title": "Patch for Multiple Invensys Products Remote Heap Buffer Overflow Vulnerability (CNVD-2012-1691)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/15179"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1691"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001988"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-53539"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001988"
},
{
"db": "NVD",
"id": "CVE-2012-0258"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-081-01.pdf"
},
{
"trust": 1.8,
"url": "https://wdnresource.wonderware.com/support/docs/_securitybulletins/security_bulletin_lfsec00000071.pdf"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/48675"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80891"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0258"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0258"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/52835"
},
{
"trust": 0.3,
"url": "http://global.wonderware.com/en/pages/default.aspx"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48675/"
},
{
"trust": 0.1,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48675/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48675"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1691"
},
{
"db": "VULHUB",
"id": "VHN-53539"
},
{
"db": "BID",
"id": "52835"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001988"
},
{
"db": "PACKETSTORM",
"id": "111462"
},
{
"db": "NVD",
"id": "CVE-2012-0258"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-597"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "f9a8b710-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1691"
},
{
"db": "VULHUB",
"id": "VHN-53539"
},
{
"db": "BID",
"id": "52835"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001988"
},
{
"db": "PACKETSTORM",
"id": "111462"
},
{
"db": "NVD",
"id": "CVE-2012-0258"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-597"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-04-01T00:00:00",
"db": "IVD",
"id": "f9a8b710-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-04-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1691"
},
{
"date": "2012-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-53539"
},
{
"date": "2012-03-30T00:00:00",
"db": "BID",
"id": "52835"
},
{
"date": "2012-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001988"
},
{
"date": "2012-04-02T05:26:16",
"db": "PACKETSTORM",
"id": "111462"
},
{
"date": "2012-04-02T20:55:02.230000",
"db": "NVD",
"id": "CVE-2012-0258"
},
{
"date": "2012-03-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-597"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-04-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1691"
},
{
"date": "2013-03-26T00:00:00",
"db": "VULHUB",
"id": "VHN-53539"
},
{
"date": "2012-03-30T00:00:00",
"db": "BID",
"id": "52835"
},
{
"date": "2012-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001988"
},
{
"date": "2013-03-26T03:32:04.703000",
"db": "NVD",
"id": "CVE-2012-0258"
},
{
"date": "2012-04-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-597"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201203-597"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Invensys Heap-based buffer overflow vulnerability in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001988"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "f9a8b710-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-597"
}
],
"trust": 0.8
}
}
VAR-201310-0035
Vulnerability from variot - Updated: 2023-12-18 12:45Invensys Wonderware InTouch HMI 2012 R2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Invensys Wonderware InTouch HMI To read any file, to an Internet server HTTP Request sent or service disruption (CPU And memory consumption ) Vulnerabilities exist. Invensys Wonderware InTouch is an HMI created by Invensys Wonderware for applications that design, build, deploy, and maintain production and infrastructure operations. Invensys Wonderware InTouch is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. The attacker may also exploit this issue to cause denial-of-service conditions. Invensys Wonderware InTouch 2012 R2 and prior versions are vulnerable. Invensys Wonderware InTouch is an open, scalable HMI and SCADA monitoring solution from Invensys, UK. The solution creates standardized, reusable visualization applications
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201310-0035",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware intouch",
"scope": "lte",
"trust": 1.0,
"vendor": "invensys",
"version": "2012"
},
{
"model": "wonderware intouch hmi",
"scope": "lte",
"trust": 0.8,
"vendor": "invensys",
"version": "2012 r2"
},
{
"model": "wonderware intouch",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "10.x"
},
{
"model": "wonderware intouch",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "2012"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware intouch",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "4c1c0272-1f08-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "95ea02a2-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13371"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004624"
},
{
"db": "NVD",
"id": "CVE-2012-4709"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-506"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_intouch:*:r2:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2012",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4709"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gleb Gritsai, Nikita Mikhalevsky, Timur Yunusov, Denis Baranov, Ilya Karpov, Vyacheslav Egoshin, Dmitry Serebryannikov, Alexey Osipov, Ivan Poliyanchuk, and Evgeny Ermakov of the Positive Technologies Research Team",
"sources": [
{
"db": "BID",
"id": "62660"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-506"
}
],
"trust": 0.9
},
"cve": "CVE-2012-4709",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.9,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-4709",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-13371",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "4c1c0272-1f08-11e6-abef-000c29c66e3d",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "95ea02a2-2352-11e6-abef-000c29c66e3d",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-57990",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-4709",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-13371",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201309-506",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "4c1c0272-1f08-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "95ea02a2-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-57990",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "4c1c0272-1f08-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "95ea02a2-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13371"
},
{
"db": "VULHUB",
"id": "VHN-57990"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004624"
},
{
"db": "NVD",
"id": "CVE-2012-4709"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-506"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware InTouch HMI 2012 R2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Invensys Wonderware InTouch HMI To read any file, to an Internet server HTTP Request sent or service disruption (CPU And memory consumption ) Vulnerabilities exist. Invensys Wonderware InTouch is an HMI created by Invensys Wonderware for applications that design, build, deploy, and maintain production and infrastructure operations. Invensys Wonderware InTouch is prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. The attacker may also exploit this issue to cause denial-of-service conditions. \nInvensys Wonderware InTouch 2012 R2 and prior versions are vulnerable. Invensys Wonderware InTouch is an open, scalable HMI and SCADA monitoring solution from Invensys, UK. The solution creates standardized, reusable visualization applications",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4709"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004624"
},
{
"db": "CNVD",
"id": "CNVD-2013-13371"
},
{
"db": "BID",
"id": "62660"
},
{
"db": "IVD",
"id": "4c1c0272-1f08-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "95ea02a2-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-57990"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4709",
"trust": 3.8
},
{
"db": "ICS CERT",
"id": "ICSA-13-276-01",
"trust": 2.5
},
{
"db": "BID",
"id": "62660",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-201309-506",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2013-13371",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004624",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "54923",
"trust": 0.6
},
{
"db": "IVD",
"id": "4C1C0272-1F08-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "95EA02A2-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-57990",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "4c1c0272-1f08-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "95ea02a2-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13371"
},
{
"db": "VULHUB",
"id": "VHN-57990"
},
{
"db": "BID",
"id": "62660"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004624"
},
{
"db": "NVD",
"id": "CVE-2012-4709"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-506"
}
]
},
"id": "VAR-201310-0035",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "4c1c0272-1f08-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "95ea02a2-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13371"
},
{
"db": "VULHUB",
"id": "VHN-57990"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "4c1c0272-1f08-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "95ea02a2-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13371"
}
]
},
"last_update_date": "2023-12-18T12:45:31.110000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Wonderware InTouch HMI",
"trust": 0.8,
"url": "http://global.wonderware.com/en/pages/wonderwareintouchhmi.aspx"
},
{
"title": "Invensys Wonderware InTouch XML External Entity Information Disclosure Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/39897"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-13371"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004624"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57990"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004624"
},
{
"db": "NVD",
"id": "CVE-2012-4709"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-13-276-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4709"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4709"
},
{
"trust": 0.6,
"url": "http://www.secunia.com/advisories/54923/"
},
{
"trust": 0.6,
"url": "http://iom.invensys.com/en/pdflibrary/security_bulletin_lfsec00000081.pdf"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/62660"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-13371"
},
{
"db": "VULHUB",
"id": "VHN-57990"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004624"
},
{
"db": "NVD",
"id": "CVE-2012-4709"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-506"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "4c1c0272-1f08-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "95ea02a2-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13371"
},
{
"db": "VULHUB",
"id": "VHN-57990"
},
{
"db": "BID",
"id": "62660"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004624"
},
{
"db": "NVD",
"id": "CVE-2012-4709"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-506"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-29T00:00:00",
"db": "IVD",
"id": "4c1c0272-1f08-11e6-abef-000c29c66e3d"
},
{
"date": "2013-09-29T00:00:00",
"db": "IVD",
"id": "95ea02a2-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-09-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-13371"
},
{
"date": "2013-10-13T00:00:00",
"db": "VULHUB",
"id": "VHN-57990"
},
{
"date": "2013-09-20T00:00:00",
"db": "BID",
"id": "62660"
},
{
"date": "2013-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004624"
},
{
"date": "2013-10-13T10:20:02.927000",
"db": "NVD",
"id": "CVE-2012-4709"
},
{
"date": "2013-09-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-506"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-03-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-13371"
},
{
"date": "2013-10-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57990"
},
{
"date": "2013-10-10T08:23:00",
"db": "BID",
"id": "62660"
},
{
"date": "2013-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004624"
},
{
"date": "2013-10-15T16:41:31.587000",
"db": "NVD",
"id": "CVE-2012-4709"
},
{
"date": "2013-10-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-506"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-506"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware InTouch XML External entity sensitive information disclosure vulnerability",
"sources": [
{
"db": "IVD",
"id": "4c1c0272-1f08-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "95ea02a2-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-13371"
}
],
"trust": 1.0
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "4c1c0272-1f08-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "95ea02a2-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-506"
}
],
"trust": 1.0
}
}
VAR-200805-0133
Vulnerability from variot - Updated: 2023-12-18 12:39The SuiteLink Service (aka slssvc.exe) in WonderWare SuiteLink before 2.0 Patch 01, as used in WonderWare InTouch 8.0, allows remote attackers to cause a denial of service (NULL pointer dereference and service shutdown) and possibly execute arbitrary code via a large length value in a Registration packet to TCP port 5413, which causes a memory allocation failure. Wonderware SuiteLink Crafted by TCP Denial of service when processing packets (DoS) There are vulnerabilities that may be affected. Wonderware SuiteLink Is the protocol used in the control system. Implemented this protocol Wonderware SuiteLink Service(slssvc.exe) Is Windows As a service on 5413/tcp Use to communicate. Wonderware SuiteLink Service(slssvc.exe) In TCP There is a problem with the processing of the packet, and receiving a specially crafted packet can cause a service outage.Denial of service by remote third party (DoS) There is a possibility of being attacked. WonderWare is a supplier of industrial automation and information software solutions. WonderWare has a vulnerability in processing malformed request data, which could be exploited by remote attackers to render services unavailable. WonderWare's SuiteLink service listens for connections on port 5413 / TCP. Non-authenticated client programs connected to the service can send malformed messages, and by calling the new () operator, the memory allocation operation fails and returns a null pointer. Due to the lack of error checking on the results of memory allocation operations, the program may later use null pointers as targets for memory copy operations, which may trigger memory access exceptions and terminate services. An attacker can trigger a memory allocation operation failure by specifying an oversized field in the Registration message. The following binary program segment describes the cause of the vulnerability: .text: 00405C1B mov esi, [ebp + dwLen]; Our value from packet
...
.text: 00405C20 push edi
.text: 00405C21 test esi, esi; Check value! = 0
...
.text: 00405C31 push esi; Alloc with our length
.text: 00405C32 mov [ebp + var_4], 0
.text: 00405C39 call operator new (uint); Big values return NULL
.text: 00405C3E mov ecx, esi; Memcpy with our length
.text: 00405C40 mov esi, [ebp + pDestionationAddr]
.text: 00405C43 mov [ebx + 4], eax; new result is used as dest
.text: 00405C46 mov edi, eax; address without checks.
.text: 00405C48 mov eax, ecx
.text: 00405C4A add esp, 4
.text: 00405C4D shr ecx, 2
.text: 00405C50 rep movsd; AV due to invalid
.text: 00405C52 mov ecx, eax; destination pointer.
.text: 00405C54 and ecx, 3
------------ /. Wonderware SuiteLink is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Given the nature of this issue, the attacker may also be able to execute arbitrary code, but this has not been confirmed. Versions prior to Wonderware SuiteLink 2.0 Patch 01 are vulnerable. UPDATE: References to Wonderware InTouch 8.0 have been removed; that software is not affected by this vulnerability. ----------------------------------------------------------------------
Secunia Network Software Inspector 2.0 (NSI) - Public Beta
The Public Beta has ended. Thanks to all that participated.
PROVIDED AND/OR DISCOVERED BY: Sebastian Muniz, Core Security Technologies
ORIGINAL ADVISORY: Wonderware (requires login): http://www.wonderware.com/support/mmi/comprehensive/kbcd/html/t002260.htm
CORE-2008-0129: http://www.coresecurity.com/index.php5?module=ContentMod&action=item&id=2187
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs/
Wonderware SuiteLink Denial of Service vulnerability
Advisory Information
Title: Wonderware SuiteLink Denial of Service vulnerability Advisory ID: CORE-2008-0129 Advisory URL: http://www.coresecurity.com/?action=item&id=2187 Date published: 2008-05-05 Date of last update: 2008-05-05 Vendors contacted: Wonderware Release mode: Coordinated release
Vulnerability Information
Class: Denial of service
Remotely Exploitable: Yes
Locally Exploitable: No
Bugtraq ID: 28974
CVE Name: CVE-2008-2005
Vulnerability Description
WonderWare is supplier of industrial automation and information software solutions. According to the company's website [1]: "one third of the world's plants run Wonderware software solutions. Having sold more than 500,000 software licenses in over 100,000 plants worldwide, Wonderware has customers in virtually every global industry - including Oil & Gas, Food & Beverage, Utilities, Pharmaceuticals, Electronics, Metals, Automotive and more".
WonderWare offers software solutions in the areas of Production and Performance Management, and Geographical SCADA and Supervisory HMI (Human-Machine Interface). Several of these solutions running on Microsoft Windows Operating Systems use a common software component, the SuiteLink Service, to implement communications between components using a proprietary protocol over TCP/IP networks. Exploitation of the vulnerability for remote code execution has not been proven, but it has not been eliminated as a potential scenario.
Vulnerable Packages
.
Non-vulnerable Packages
. Contact WonderWare for details.
Vendor Information, Solutions and Workarounds
The vendor has made a technical document available to registered customers detailing how to address this issue [2]. Additionally, an extensive guide detailing how to deploy and secure Industrial Control Systems is available at the vendor's support site [3].
Vendor Statement:
Wonderware, a business unit of Invensys, is committed to collaborate with our customers and industry standards committees to provide secure applications, security best practices, deployment guidelines, tools and prescriptive guidance for maintaining a secure environment. A potential denial of service issue on an insecure network which could have been instigated by a hostile internal user has been addressed in SuiteLink 2.0 Patch 01. More details can be found in Wonderware's Tech Alert 106 posted on our website along with the Patch. (Please note that access to the Tech Alert and the Patch will require that you register on our web site.) Wonderware users interested in upgrading should contact Wonderware or their local distributor.
Credits
This vulnerability was discovered and researched by Sebastian Muniz from the Exploit Writers Team (EWT) at Core Security Technologies.
Technical Description / Proof of Concept Code
WonderWare SuiteLink is a service that runs on Microsoft Windows Operating Systems listening for connections on port 5413/tcp. .text:00405C54 and ecx, 3
- -----------/
Report Timeline
. 2008-01-30: Initial contact email sent by to Wonderware setting the estimated publication date of the advisory to February 25th. 2008-01-30: Contact email re-sent to Wonderware asking for a software security contact for Wonderware InTouch. 2008-02-06: New email sent to Wonderware asking for a response and for a software security contact for Wonderware InTouch. 2008-02-28: Core makes direct phone calls to Wonderware headquarters informing of the previous emails and requesting acknowledgement of the notification of a security vulnerability. 2008-02-28: As requested during the phone call, Core re-sends the original notification mail, stating that an advisory draft describing the vulnerability is available since January 30th. The publication of the advisory is re-scheduled to March 24th. 2008-02-28: Vendor acknowledges the email notification. 2008-02-28: Core sends the advisory draft to Wonderware support team. 2008-02-29: Vendor acknowledges reception of the report and states that it understands the seriousness of the problem and that its development team will look into it. 2008-02-29: Vendor asks for a copy of the proof of concept code used to demonstrate the vulnerability. 2008-03-03: Core sends proof-of-concept code written in Python. 2008-03-05: Vendor asks for compiler tools required to use the PoC code. 2008-03-05: Core sends a link to http://www.python.org where a Python interpreter can be downloaded. 2008-03-10: Vendor requests more information about the network and the firewall settings used during the tests and inquires about conformance (or lack thereof) of the tested network with the vendor's security policies and recommendations. 2008-03-10: Vendor asks for details about how the advisory will be published. 2008-03-12: Core responds that the workstation running the vulnerable service had no firewall activated in the tests, but since the Wonderware SuiteLink Service allows incoming connections it is assumed that the corresponding port should be allowed to receive inbound session establishment packets. Core offers the vendor the opportunity to include additional information in the "vendor information" section of the advisory. Core explains that the advisory will be published on Core's website and sent to security mailing lists. Core also reminds the vendor that the publication date of the advisory has been moved from February 25th to March 24th, and explains that it is willing to discuss a new publication date on the basis of having concrete plans, with a specific date for the fix release. 2008-03-21: Vendor indicates that it will be unable to commit to releasing fixes by March 24th and requests publication of the advisory to be delayed to create a fix for vulnerable customers. The development team is investigating how long it will take to make such a fix available. The vendor indicates that the previous questions about firewall setup referred to the vendor's recommended practices to secure networks on which their systems run using firewalls and IPsec. 2008-03-21: Vendor indicates that it is issuing a Tech Alert to its customers to address the issue. Details about the vulnerability have been minimized in the Tech Alert. The vendor expresses concern about the level of detail included in Core's advisory and requests that those details be removed from the advisory because they give more detail than what is needed to make people aware of the issue, and may lend itself to use by people who might want to exploit it. Early estimates put the delivery time for a fix at approximately three months, and the estimate is not final. Vendor asks Core to delay any publication until it is able to have a software fix ready. 2008-03-21: Core asks if the three-month estimate should be assumed to have begun since the vendor's initial acknowledgement of Core's notification -- which puts the estimated date for the release of a fix at the end of May -- or since the date of the last email received (fix released at the end of June). Core indicates that as of today it still has no confirmation from the vendor that the vulnerability was replicated and identified, and that the fix is already under development or testing, and that is the information needed to re-schedule the publication date. Core is expecting to receive that information from the vendor, but in the meantime publication of the advisory is re-scheduled to March 31st 2008. With regards to the questions and requests about the contents of the security advisory, Core indicates that Core's technical publications are aimed at providing legitimate security practitioners worldwide with the technical details necessary to understand the nature of the security issues reported; so they are able to devise, by their own judgment, the risk mitigation approach that fits them the best. For that purpose, Core believes that it is fundamental that they have precise and accurate technical details about security issues -- as Wonderware itself has demonstrated with the request for further technical details and proof-of-concept code -- and that the whole reporting and disclosure process is transparent for scrutiny of all interested parties. 2008-03-21: Vendor acknowledges Core's email and provides a copy of the issued Technical Alert 106 and indicates that will provide more information by March 25th 2008. 2008-03-26: Vendor confirms to have replicated the issue reported and indicated that the Tech Alert 106 sent to customers confirms and recognizes the issue. The Tech Alert also points out what measures can be taken to mitigate risk. A project has been charter and is in progress to fix this issue and properly QA the fix. With regard to the contents of Core's report, it says that stating that a Denial of Service of SuiteLink communication can be created from a remote node sends a corrupted data packet seems to be sufficient to make people aware. The vendor says that is having trouble understanding what the value is in providing specific detail as to what technical issue is happening and asks for clarification to understand how this information would benefit organizations. The vendor acknowledges that the proof of concept code did help to replicate the issue and that without it, it would have needed more time to identify it from the report alone. The concern is that the details provided in the report may give a hacker a specific direction to look for the vulnerability. Finally, the vendor indicates that will have a better estimation for the rlease date of a fix by Friday March 28th, 2008. 2008-03-27: Core acknowledges the vendor's email and indicates that is looking forward to having the new estimate by Friday. 2008-03-28: Vendor informs that it has brought the estimated release date in to May 2nd. If things go well during QA, they may be able to bring that date in sooner and vendor requests that Core postpone publication until that time. 2008-03-28: Core re-schedules publication of the advisory to May 2nd 2008 and says that it considers this date final unless the vendor indicates any deviation from the current estimate with at least a week in advance of the publication date, in which case Core would re-evaluate postponing publication up to 5 working days. With regard to the previous inquiry about the advisory's content, Core states that the purpose of publishing security advisories and the rationale used to define their content is simple and hopefully, once explained, both reasonable and understandable. Core publishes advisories not only to make users aware of the existence of a given vulnerability but also to facilitate its mitigation by either official or any other means that the security community and/or the vulnerable user population may devise. In order to do so, Core has learned over the course of 13 years working in this particular field that it is fundamental to provide precise and accurate technical information about problems. It is that information that can help other security practitioners to determine how to prevent exploitation, detect attacks or to verify that a fix or workaround is actually functioning properly. Thus, Core believes that it is necessary not only to indicate the mere existence of the bug, but also to explain how to uniquely identify it in the vulnerable software (to avoid confusion with all other known bugs or to differentiate it from others that may be discovered in the future). It is also important to determine how the vulnerability could be used by potential attackers so that proper detection mechanisms can be built, for example firewall rules, or IDS and antivirus signatures. While Core recognizes that this may provide some additional data to would-be attackers, clearly it also provides preciously needed information to the defenders thus, leveling a field on which Core believes the attackers are initially at advantage. 2008-04-01: Vendor acknowledges previous email and indicates that it will provide a new update as soon as is available. 2008-04-28: Vendor informs Core that a fix for the vulnerability in SuiteLink has been released. 2008-04-28: Core acknowledges previous emails and requests an official vendor statement for the security advisory and more details about the vulnerable packages and versions. Multiple products use SuiteLink. 2008-04-30: The advisory is ready for release, but the publication date is re-scheduled to May 5th because May 1st is a public holiday in many countries (International Workers' Day) and Core does not usually publish advisories on Fridays (to avoid IT work on weekends). 2008-05-05: CORE-2008-0129 advisory is published.
References
[1] WonderWare website http://us.wonderware.com/ [2] Tech Alert 106 http://www.wonderware.com/support/mmi/comprehensive/kbcd/html/t002260.htm [3] WonderWare Security Manual - Securing Industrial Control Systems
http://www.wonderware.com/support/mmi/esupport/securitycentral/documents/BestPractices/WWSecGd041707_External.pdf
About CoreLabs
CoreLabs, the research center of Core Security Technologies, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://www.coresecurity.com/corelabs/.
About Core Security Technologies
Core Security Technologies develops strategic solutions that help security-conscious organizations worldwide develop and maintain a proactive process for securing their networks. The company's flagship product, CORE IMPACT, is the most comprehensive product for performing enterprise security assurance testing. CORE IMPACT evaluates network, endpoint and end-user vulnerabilities and identifies what resources are exposed. It enables organizations to determine if current security investments are detecting and preventing attacks. Core Security Technologies augments its leading technology solution with world-class security consulting services, including penetration testing and software security auditing. Based in Boston, MA and Buenos Aires, Argentina, Core Security Technologies can be reached at 617-399-6980 or on the Web at http://www.coresecurity.com.
Disclaimer
The contents of this advisory are copyright (c) 2008 Core Security Technologies and (c) 2008 CoreLabs, and may be distributed freely provided that no fee is charged for this distribution and proper credit is given.
GPG/PGP Keys
This advisory has been signed with the GPG key of Core Security Technologies advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIH2eAyNibggitWa0RAtlcAKCgV83vS0v4aLVTRtFmkBsEg0UPXgCdHL4p si+I8mGJwJuglh+QESsZ9ZE= =705O -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200805-0133",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "suitelink",
"scope": "eq",
"trust": 1.9,
"vendor": "wonderware",
"version": "2.0"
},
{
"model": "intouch",
"scope": "eq",
"trust": 1.6,
"vendor": "wonderware",
"version": "8.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "invensys",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wonderware",
"version": null
},
{
"model": "suitelink",
"scope": "lt",
"trust": 0.8,
"vendor": "wonderware",
"version": "version 2.0 patch 01 earlier"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "intouch",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "suitelink",
"version": "2.0"
},
{
"model": "suitelink patch",
"scope": "ne",
"trust": 0.3,
"vendor": "wonderware",
"version": "2.001"
}
],
"sources": [
{
"db": "IVD",
"id": "dd3e5ad8-23cd-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7822e1-463f-11e9-8a01-000c29342cb1"
},
{
"db": "CERT/CC",
"id": "VU#596268"
},
{
"db": "CNVD",
"id": "CNVD-2008-2191"
},
{
"db": "BID",
"id": "28974"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001354"
},
{
"db": "NVD",
"id": "CVE-2008-2005"
},
{
"db": "CNNVD",
"id": "CNNVD-200805-037"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:wonderware:intouch:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:wonderware:suitelink:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-2005"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sebastian Muniz",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200805-037"
}
],
"trust": 0.6
},
"cve": "CVE-2008-2005",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2008-2005",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "dd3e5ad8-23cd-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "7d7822e1-463f-11e9-8a01-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-2005",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#596268",
"trust": 0.8,
"value": "3.07"
},
{
"author": "CNNVD",
"id": "CNNVD-200805-037",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "dd3e5ad8-23cd-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d7822e1-463f-11e9-8a01-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "dd3e5ad8-23cd-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7822e1-463f-11e9-8a01-000c29342cb1"
},
{
"db": "CERT/CC",
"id": "VU#596268"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001354"
},
{
"db": "NVD",
"id": "CVE-2008-2005"
},
{
"db": "CNNVD",
"id": "CNNVD-200805-037"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The SuiteLink Service (aka slssvc.exe) in WonderWare SuiteLink before 2.0 Patch 01, as used in WonderWare InTouch 8.0, allows remote attackers to cause a denial of service (NULL pointer dereference and service shutdown) and possibly execute arbitrary code via a large length value in a Registration packet to TCP port 5413, which causes a memory allocation failure. Wonderware SuiteLink Crafted by TCP Denial of service when processing packets (DoS) There are vulnerabilities that may be affected. Wonderware SuiteLink Is the protocol used in the control system. Implemented this protocol Wonderware SuiteLink Service(slssvc.exe) Is Windows As a service on 5413/tcp Use to communicate. Wonderware SuiteLink Service(slssvc.exe) In TCP There is a problem with the processing of the packet, and receiving a specially crafted packet can cause a service outage.Denial of service by remote third party (DoS) There is a possibility of being attacked. WonderWare is a supplier of industrial automation and information software solutions. WonderWare has a vulnerability in processing malformed request data, which could be exploited by remote attackers to render services unavailable. WonderWare\u0027s SuiteLink service listens for connections on port 5413 / TCP. Non-authenticated client programs connected to the service can send malformed messages, and by calling the new () operator, the memory allocation operation fails and returns a null pointer. Due to the lack of error checking on the results of memory allocation operations, the program may later use null pointers as targets for memory copy operations, which may trigger memory access exceptions and terminate services. An attacker can trigger a memory allocation operation failure by specifying an oversized field in the Registration message. The following binary program segment describes the cause of the vulnerability: .text: 00405C1B mov esi, [ebp + dwLen]; Our value from packet\n\n\u00a0... \n\n\u00a0.text: 00405C20 push edi\n\n\u00a0.text: 00405C21 test esi, esi; Check value! = 0\n\n\u00a0... \n\n\u00a0.text: 00405C31 push esi; Alloc with our length\n\n\u00a0.text: 00405C32 mov [ebp + var_4], 0\n\n\u00a0.text: 00405C39 call operator new (uint); Big values return NULL\n\n\u00a0.text: 00405C3E mov ecx, esi; Memcpy with our length\n\n\u00a0.text: 00405C40 mov esi, [ebp + pDestionationAddr]\n\n\u00a0.text: 00405C43 mov [ebx + 4], eax; new result is used as dest\n\n\u00a0.text: 00405C46 mov edi, eax; address without checks. \n\n\u00a0.text: 00405C48 mov eax, ecx\n\n\u00a0.text: 00405C4A add esp, 4\n\n\u00a0.text: 00405C4D shr ecx, 2\n\n\u00a0.text: 00405C50 rep movsd; AV due to invalid\n\n\u00a0.text: 00405C52 mov ecx, eax; destination pointer. \n\n\u00a0.text: 00405C54 and ecx, 3\n\n\u00a0------------ /. Wonderware SuiteLink is prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to crash the affected application, denying service to legitimate users. Given the nature of this issue, the attacker may also be able to execute arbitrary code, but this has not been confirmed. \nVersions prior to Wonderware SuiteLink 2.0 Patch 01 are vulnerable. \nUPDATE: References to Wonderware InTouch 8.0 have been removed; that software is not affected by this vulnerability. ----------------------------------------------------------------------\n\nSecunia Network Software Inspector 2.0 (NSI) - Public Beta\n\nThe Public Beta has ended. Thanks to all that participated. \n\nPROVIDED AND/OR DISCOVERED BY:\nSebastian Muniz, Core Security Technologies\n\nORIGINAL ADVISORY:\nWonderware (requires login):\nhttp://www.wonderware.com/support/mmi/comprehensive/kbcd/html/t002260.htm\n\nCORE-2008-0129:\nhttp://www.coresecurity.com/index.php5?module=ContentMod\u0026action=item\u0026id=2187\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n Core Security Technologies - CoreLabs Advisory\n http://www.coresecurity.com/corelabs/\n\n Wonderware SuiteLink Denial of Service vulnerability\n\n\n*Advisory Information*\n\nTitle: Wonderware SuiteLink Denial of Service vulnerability\nAdvisory ID: CORE-2008-0129\nAdvisory URL: http://www.coresecurity.com/?action=item\u0026id=2187\nDate published: 2008-05-05\nDate of last update: 2008-05-05\nVendors contacted: Wonderware\nRelease mode: Coordinated release\n\n\n*Vulnerability Information*\n\nClass: Denial of service\nRemotely Exploitable: Yes\nLocally Exploitable: No\nBugtraq ID: 28974\t\nCVE Name: CVE-2008-2005\t\n\n\n*Vulnerability Description*\n\nWonderWare is supplier of industrial automation and information software\nsolutions. According to the company\u0027s website [1]: \"one third of the\nworld\u0027s plants run Wonderware software solutions. Having sold more than\n500,000 software licenses in over 100,000 plants worldwide, Wonderware\nhas customers in virtually every global industry - including Oil \u0026 Gas,\nFood \u0026 Beverage, Utilities, Pharmaceuticals, Electronics, Metals,\nAutomotive and more\". \n\nWonderWare offers software solutions in the areas of Production and\nPerformance Management, and Geographical SCADA and Supervisory HMI\n(Human-Machine Interface). Several of these solutions running on\nMicrosoft Windows Operating Systems use a common software component, the\nSuiteLink Service, to implement communications between components using\na proprietary protocol over TCP/IP networks. Exploitation of the\nvulnerability for remote code execution has not been proven, but it has\nnot been eliminated as a potential scenario. \n\n\n*Vulnerable Packages*\n\n. \n\n\n*Non-vulnerable Packages*\n\n. Contact WonderWare for details. \n\n\n*Vendor Information, Solutions and Workarounds*\n\nThe vendor has made a technical document available to registered\ncustomers detailing how to address this issue [2]. Additionally, an\nextensive guide detailing how to deploy and secure Industrial Control\nSystems is available at the vendor\u0027s support site [3]. \n\nVendor Statement:\n\n Wonderware, a business unit of Invensys, is committed to collaborate\nwith our customers and industry standards committees to provide secure\napplications, security best practices, deployment guidelines, tools and\nprescriptive guidance for maintaining a secure environment. A potential\ndenial of service issue on an insecure network which could have been\ninstigated by a hostile internal user has been addressed in SuiteLink\n2.0 Patch 01. More details can be found in Wonderware\u0027s Tech Alert 106\nposted on our website along with the Patch. (Please note that access to\nthe Tech Alert and the Patch will require that you register on our web\nsite.) Wonderware users interested in upgrading should contact\nWonderware or their local distributor. \n\n\n*Credits*\n\nThis vulnerability was discovered and researched by Sebastian Muniz from\nthe Exploit Writers Team (EWT) at Core Security Technologies. \n\n\n*Technical Description / Proof of Concept Code*\n\nWonderWare SuiteLink is a service that runs on Microsoft Windows\nOperating Systems listening for connections on port 5413/tcp. \n.text:00405C54 and ecx, 3\n\n- -----------/\n\n\n*Report Timeline*\n\n. 2008-01-30: Initial contact email sent by to Wonderware setting the\nestimated publication date of the advisory to February 25th. 2008-01-30: Contact email re-sent to Wonderware asking for a software\nsecurity contact for Wonderware InTouch. 2008-02-06: New email sent to Wonderware asking for a response and for\na software security contact for Wonderware InTouch. 2008-02-28: Core makes direct phone calls to Wonderware headquarters\ninforming of the previous emails and requesting acknowledgement of the\nnotification of a security vulnerability. 2008-02-28: As requested during the phone call, Core re-sends the\noriginal notification mail, stating that an advisory draft describing\nthe vulnerability is available since January 30th. The publication of\nthe advisory is re-scheduled to March 24th. 2008-02-28: Vendor acknowledges the email notification. 2008-02-28: Core sends the advisory draft to Wonderware support team. 2008-02-29: Vendor acknowledges reception of the report and states\nthat it understands the seriousness of the problem and that its\ndevelopment team will look into it. 2008-02-29: Vendor asks for a copy of the proof of concept code used\nto demonstrate the vulnerability. 2008-03-03: Core sends proof-of-concept code written in Python. 2008-03-05: Vendor asks for compiler tools required to use the PoC code. 2008-03-05: Core sends a link to http://www.python.org where a Python\ninterpreter can be downloaded. 2008-03-10: Vendor requests more information about the network and the\nfirewall settings used during the tests and inquires about conformance\n(or lack thereof) of the tested network with the vendor\u0027s security\npolicies and recommendations. 2008-03-10: Vendor asks for details about how the advisory will be\npublished. 2008-03-12: Core responds that the workstation running the vulnerable\nservice had no firewall activated in the tests, but since the Wonderware\nSuiteLink Service allows incoming connections it is assumed that the\ncorresponding port should be allowed to receive inbound session\nestablishment packets. Core offers the vendor the opportunity to include\nadditional information in the \"vendor information\" section of the\nadvisory. Core explains that the advisory will be published on Core\u0027s\nwebsite and sent to security mailing lists. Core also reminds the vendor\nthat the publication date of the advisory has been moved from February\n25th to March 24th, and explains that it is willing to discuss a new\npublication date on the basis of having concrete plans, with a specific\ndate for the fix release. 2008-03-21: Vendor indicates that it will be unable to commit to\nreleasing fixes by March 24th and requests publication of the advisory\nto be delayed to create a fix for vulnerable customers. The development\nteam is investigating how long it will take to make such a fix\navailable. The vendor indicates that the previous questions about\nfirewall setup referred to the vendor\u0027s recommended practices to secure\nnetworks on which their systems run using firewalls and IPsec. 2008-03-21: Vendor indicates that it is issuing a Tech Alert to its\ncustomers to address the issue. Details about the vulnerability have\nbeen minimized in the Tech Alert. The vendor expresses concern about the\nlevel of detail included in Core\u0027s advisory and requests that those\ndetails be removed from the advisory because they give more detail than\nwhat is needed to make people aware of the issue, and may lend itself to\nuse by people who might want to exploit it. Early estimates put the\ndelivery time for a fix at approximately three months, and the estimate\nis not final. Vendor asks Core to delay any publication until it is able\nto have a software fix ready. 2008-03-21: Core asks if the three-month estimate should be assumed to\nhave begun since the vendor\u0027s initial acknowledgement of Core\u0027s\nnotification -- which puts the estimated date for the release of a fix\nat the end of May -- or since the date of the last email received (fix\nreleased at the end of June). Core indicates that as of today it still\nhas no confirmation from the vendor that the vulnerability was\nreplicated and identified, and that the fix is already under development\nor testing, and that is the information needed to re-schedule the\npublication date. Core is expecting to receive that information from the\nvendor, but in the meantime publication of the advisory is re-scheduled\nto March 31st 2008. With regards to the questions and requests about the\ncontents of the security advisory, Core indicates that Core\u0027s technical\npublications are aimed at providing legitimate security practitioners\nworldwide with the technical details necessary to understand the nature\nof the security issues reported; so they are able to devise, by their\nown judgment, the risk mitigation approach that fits them the best. For\nthat purpose, Core believes that it is fundamental that they have\nprecise and accurate technical details about security issues -- as\nWonderware itself has demonstrated with the request for further\ntechnical details and proof-of-concept code -- and that the whole\nreporting and disclosure process is transparent for scrutiny of all\ninterested parties. 2008-03-21: Vendor acknowledges Core\u0027s email and provides a copy of\nthe issued Technical Alert 106 and indicates that will provide more\ninformation by March 25th 2008. 2008-03-26: Vendor confirms to have replicated the issue reported and\nindicated that the Tech Alert 106 sent to customers confirms and\nrecognizes the issue. The Tech Alert also points out what measures can\nbe taken to mitigate risk. A project has been charter and is in progress\nto fix this issue and properly QA the fix. With regard to the contents\nof Core\u0027s report, it says that stating that a Denial of Service of\nSuiteLink communication can be created from a remote node sends a\ncorrupted data packet seems to be sufficient to make people aware. The\nvendor says that is having trouble understanding what the value is in\nproviding specific detail as to what technical issue is happening and\nasks for clarification to understand how this information would benefit\norganizations. The vendor acknowledges that the proof of concept code\ndid help to replicate the issue and that without it, it would have\nneeded more time to identify it from the report alone. The concern is\nthat the details provided in the report may give a hacker a specific\ndirection to look for the vulnerability. Finally, the vendor indicates\nthat will have a better estimation for the rlease date of a fix by\nFriday March 28th, 2008. 2008-03-27: Core acknowledges the vendor\u0027s email and indicates that is\nlooking forward to having the new estimate by Friday. 2008-03-28: Vendor informs that it has brought the estimated release\ndate in to May 2nd. If things go well during QA, they may be able to\nbring that date in sooner and vendor requests that Core postpone\npublication until that time. 2008-03-28: Core re-schedules publication of the advisory to May 2nd\n2008 and says that it considers this date final unless the vendor\nindicates any deviation from the current estimate with at least a week\nin advance of the publication date, in which case Core would re-evaluate\npostponing publication up to 5 working days. With regard to the previous\ninquiry about the advisory\u0027s content, Core states that the purpose of\npublishing security advisories and the rationale used to define their\ncontent is simple and hopefully, once explained, both reasonable and\nunderstandable. Core publishes advisories not only to make users aware\nof the existence of a given vulnerability but also to facilitate its\nmitigation by either official or any other means that the security\ncommunity and/or the vulnerable user population may devise. In order to\ndo so, Core has learned over the course of 13 years working in this\nparticular field that it is fundamental to provide precise and accurate\ntechnical information about problems. It is that information that can\nhelp other security practitioners to determine how to prevent\nexploitation, detect attacks or to verify that a fix or workaround is\nactually functioning properly. Thus, Core believes that it is necessary\nnot only to indicate the mere existence of the bug, but also to explain\nhow to uniquely identify it in the vulnerable software (to avoid\nconfusion with all other known bugs or to differentiate it from others\nthat may be discovered in the future). It is also important to determine\nhow the vulnerability could be used by potential attackers so that\nproper detection mechanisms can be built, for example firewall rules, or\nIDS and antivirus signatures. While Core recognizes that this may\nprovide some additional data to would-be attackers, clearly it also\nprovides preciously needed information to the defenders thus, leveling a\nfield on which Core believes the attackers are initially at advantage. 2008-04-01: Vendor acknowledges previous email and indicates that it\nwill provide a new update as soon as is available. 2008-04-28: Vendor informs Core that a fix for the vulnerability in\nSuiteLink has been released. 2008-04-28: Core acknowledges previous emails and requests an official\nvendor statement for the security advisory and more details about the\nvulnerable packages and versions. Multiple\nproducts use SuiteLink. 2008-04-30: The advisory is ready for release, but the publication\ndate is re-scheduled to May 5th because May 1st is a public holiday in\nmany countries (International Workers\u0027 Day) and Core does not usually\npublish advisories on Fridays (to avoid IT work on weekends). 2008-05-05: CORE-2008-0129 advisory is published. \n\n\n*References*\n\n[1] WonderWare website http://us.wonderware.com/\n[2] Tech Alert 106\nhttp://www.wonderware.com/support/mmi/comprehensive/kbcd/html/t002260.htm\n[3] WonderWare Security Manual - Securing Industrial Control Systems\n\nhttp://www.wonderware.com/support/mmi/esupport/securitycentral/documents/BestPractices/WWSecGd041707_External.pdf\n\n\n*About CoreLabs*\n\nCoreLabs, the research center of Core Security Technologies, is charged\nwith anticipating the future needs and requirements for information\nsecurity technologies. We conduct our research in several important\nareas of computer security including system vulnerabilities, cyber\nattack planning and simulation, source code auditing, and cryptography. \nOur results include problem formalization, identification of\nvulnerabilities, novel solutions and prototypes for new technologies. \nCoreLabs regularly publishes security advisories, technical papers,\nproject information and shared software tools for public use at:\nhttp://www.coresecurity.com/corelabs/. \n\n\n*About Core Security Technologies*\n\nCore Security Technologies develops strategic solutions that help\nsecurity-conscious organizations worldwide develop and maintain a\nproactive process for securing their networks. The company\u0027s flagship\nproduct, CORE IMPACT, is the most comprehensive product for performing\nenterprise security assurance testing. CORE IMPACT evaluates network,\nendpoint and end-user vulnerabilities and identifies what resources are\nexposed. It enables organizations to determine if current security\ninvestments are detecting and preventing attacks. Core Security\nTechnologies augments its leading technology solution with world-class\nsecurity consulting services, including penetration testing and software\nsecurity auditing. Based in Boston, MA and Buenos Aires, Argentina, Core\nSecurity Technologies can be reached at 617-399-6980 or on the Web at\nhttp://www.coresecurity.com. \n\n\n*Disclaimer*\n\nThe contents of this advisory are copyright (c) 2008 Core Security\nTechnologies and (c) 2008 CoreLabs, and may be distributed freely\nprovided that no fee is charged for this distribution and proper credit\nis given. \n\n\n*GPG/PGP Keys*\n\nThis advisory has been signed with the GPG key of Core Security\nTechnologies advisories team, which is available for download at\nhttp://www.coresecurity.com/files/attachments/core_security_advisories.asc. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (MingW32)\nComment: Using GnuPG with Mozilla - http://enigmail.mozdev.org\n\niD8DBQFIH2eAyNibggitWa0RAtlcAKCgV83vS0v4aLVTRtFmkBsEg0UPXgCdHL4p\nsi+I8mGJwJuglh+QESsZ9ZE=\n=705O\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-2005"
},
{
"db": "CERT/CC",
"id": "VU#596268"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001354"
},
{
"db": "CNVD",
"id": "CNVD-2008-2191"
},
{
"db": "BID",
"id": "28974"
},
{
"db": "IVD",
"id": "dd3e5ad8-23cd-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7822e1-463f-11e9-8a01-000c29342cb1"
},
{
"db": "PACKETSTORM",
"id": "66050"
},
{
"db": "PACKETSTORM",
"id": "66028"
}
],
"trust": 3.69
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-2005",
"trust": 3.8
},
{
"db": "BID",
"id": "28974",
"trust": 3.5
},
{
"db": "CERT/CC",
"id": "VU#596268",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "30063",
"trust": 2.5
},
{
"db": "EXPLOIT-DB",
"id": "6474",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1019966",
"trust": 2.4
},
{
"db": "CNVD",
"id": "CNVD-2008-2191",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-200805-037",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001354",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20080505 CORE-2008-0129 - WONDERWARE SUITELINK DENIAL OF SERVICE VULNERABILITY",
"trust": 0.6
},
{
"db": "MILW0RM",
"id": "6474",
"trust": 0.6
},
{
"db": "XF",
"id": "42221",
"trust": 0.6
},
{
"db": "IVD",
"id": "DD3E5AD8-23CD-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "7D7822E1-463F-11E9-8A01-000C29342CB1",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "66050",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "66028",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "dd3e5ad8-23cd-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7822e1-463f-11e9-8a01-000c29342cb1"
},
{
"db": "CERT/CC",
"id": "VU#596268"
},
{
"db": "CNVD",
"id": "CNVD-2008-2191"
},
{
"db": "BID",
"id": "28974"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001354"
},
{
"db": "PACKETSTORM",
"id": "66050"
},
{
"db": "PACKETSTORM",
"id": "66028"
},
{
"db": "NVD",
"id": "CVE-2008-2005"
},
{
"db": "CNNVD",
"id": "CNNVD-200805-037"
}
]
},
"id": "VAR-200805-0133",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "dd3e5ad8-23cd-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7822e1-463f-11e9-8a01-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2008-2191"
}
],
"trust": 1.6043447333333334
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "dd3e5ad8-23cd-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7822e1-463f-11e9-8a01-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2008-2191"
}
]
},
"last_update_date": "2023-12-18T12:39:35.284000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Wonderware Tech Alert 106",
"trust": 0.8,
"url": "http://www.wonderware.com/support/mmi/comprehensive/kbcd/html/t002260.htm"
},
{
"title": "Wonderware Security Manual - Securing Industrial Control Systems",
"trust": 0.8,
"url": "http://www.wonderware.com/support/mmi/esupport/securitycentral/documents/bestpractices/wwsecgd041707_external.pdf"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001354"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001354"
},
{
"db": "NVD",
"id": "CVE-2008-2005"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "http://www.securityfocus.com/bid/28974"
},
{
"trust": 2.7,
"url": "http://www.kb.cert.org/vuls/id/596268"
},
{
"trust": 2.5,
"url": "http://www.coresecurity.com/?action=item\u0026id=2187"
},
{
"trust": 2.4,
"url": "http://www.securitytracker.com/id?1019966"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/30063"
},
{
"trust": 1.4,
"url": "http://www.milw0rm.com/exploits/6474"
},
{
"trust": 1.0,
"url": "http://www.wonderware.com/support/mmi/comprehensive/kbcd/html/t002260.htm"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/491623/100/0/threaded"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42221"
},
{
"trust": 1.0,
"url": "https://www.exploit-db.com/exploits/6474"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/30063/"
},
{
"trust": 0.8,
"url": "http://www.wonderware.com/support/web/secure/downloads/download_serve.asp?id=2355\u0026url=http://www.wonderware.com/support/mmi/registered/patchfixes/sl2.0p1.zip"
},
{
"trust": 0.8,
"url": "http://www.wonderware.com/support/mmi/esupport/securitycentral/documents/bestpractices/wwsecgd041707"
},
{
"trust": 0.8,
"url": "http://portal.wonderware.com/sites/securitycentral/default.aspx"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2005"
},
{
"trust": 0.8,
"url": "http://jvn.jp//cert/jvnvu596268/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2005"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/42221"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/491623/100/0/threaded"
},
{
"trust": 0.4,
"url": "http://us.wonderware.com/"
},
{
"trust": 0.3,
"url": "/archive/1/491623"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/index.php5?module=contentmod\u0026action=item\u0026id=2187"
},
{
"trust": 0.1,
"url": "http://secunia.com/network_software_inspector_2/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16628/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2005"
},
{
"trust": 0.1,
"url": "http://www.python.org"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/files/attachments/core_security_advisories.asc."
},
{
"trust": 0.1,
"url": "http://enigmail.mozdev.org"
},
{
"trust": 0.1,
"url": "http://www.wonderware.com/support/mmi/esupport/securitycentral/documents/bestpractices/wwsecgd041707_external.pdf"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/corelabs/."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/corelabs/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#596268"
},
{
"db": "BID",
"id": "28974"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001354"
},
{
"db": "PACKETSTORM",
"id": "66050"
},
{
"db": "PACKETSTORM",
"id": "66028"
},
{
"db": "NVD",
"id": "CVE-2008-2005"
},
{
"db": "CNNVD",
"id": "CNNVD-200805-037"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "dd3e5ad8-23cd-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7822e1-463f-11e9-8a01-000c29342cb1"
},
{
"db": "CERT/CC",
"id": "VU#596268"
},
{
"db": "CNVD",
"id": "CNVD-2008-2191"
},
{
"db": "BID",
"id": "28974"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001354"
},
{
"db": "PACKETSTORM",
"id": "66050"
},
{
"db": "PACKETSTORM",
"id": "66028"
},
{
"db": "NVD",
"id": "CVE-2008-2005"
},
{
"db": "CNNVD",
"id": "CNNVD-200805-037"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-04-28T00:00:00",
"db": "IVD",
"id": "dd3e5ad8-23cd-11e6-abef-000c29c66e3d"
},
{
"date": "2008-04-28T00:00:00",
"db": "IVD",
"id": "7d7822e1-463f-11e9-8a01-000c29342cb1"
},
{
"date": "2008-05-06T00:00:00",
"db": "CERT/CC",
"id": "VU#596268"
},
{
"date": "2008-04-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2008-2191"
},
{
"date": "2008-05-05T00:00:00",
"db": "BID",
"id": "28974"
},
{
"date": "2008-05-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001354"
},
{
"date": "2008-05-06T22:57:38",
"db": "PACKETSTORM",
"id": "66050"
},
{
"date": "2008-05-06T20:21:55",
"db": "PACKETSTORM",
"id": "66028"
},
{
"date": "2008-05-06T15:20:00",
"db": "NVD",
"id": "CVE-2008-2005"
},
{
"date": "2008-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200805-037"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-17T00:00:00",
"db": "CERT/CC",
"id": "VU#596268"
},
{
"date": "2008-04-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2008-2191"
},
{
"date": "2008-09-17T18:10:00",
"db": "BID",
"id": "28974"
},
{
"date": "2008-05-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001354"
},
{
"date": "2018-10-11T20:38:45.373000",
"db": "NVD",
"id": "CVE-2008-2005"
},
{
"date": "2009-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200805-037"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "66028"
},
{
"db": "CNNVD",
"id": "CNNVD-200805-037"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WonderWare SuiteLink slssvc.exe Remote Denial of Service Vulnerability",
"sources": [
{
"db": "IVD",
"id": "dd3e5ad8-23cd-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7822e1-463f-11e9-8a01-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2008-2191"
},
{
"db": "CNNVD",
"id": "CNNVD-200805-037"
}
],
"trust": 1.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Resource management error",
"sources": [
{
"db": "IVD",
"id": "dd3e5ad8-23cd-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7822e1-463f-11e9-8a01-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-200805-037"
}
],
"trust": 1.0
}
}
VAR-201204-0175
Vulnerability from variot - Updated: 2023-12-18 12:38Cross-site scripting (XSS) vulnerability in Invensys Wonderware Information Server 4.0 SP1 and 4.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Invensys Wonderware Information Server is a graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. Invensys Wonderware Information Server is prone to multiple security vulnerabilities, including: 1. A cross-site scripting vulnerability 2. A SQL-injection vulnerability 3. A security-bypass vulnerability Attackers can leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of an affected site, steal cookie-based authentication credentials, perform unauthorized actions, obtain sensitive information, redirect a user to a potentially malicious site, cause a denial-of-service condition and compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Other attacks are also possible. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: Invensys Wonderware Products Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA48603
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48603/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48603
RELEASE DATE: 2012-04-03
DISCUSS ADVISORY: http://secunia.com/advisories/48603/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/48603/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=48603
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Wonderware Information Server and Invensys Wonderware Historian Client, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, bypass certain security restrictions, and compromise a vulnerable system.
1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
2) Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
3) An unspecified error in client controls can be exploited to bypass certain security restrictions.
Successful exploitation may allow execution of arbitrary code.
The vulnerabilities are reported in Wonderware Information Server versions 4.0 SP1 and 4.5 and Invensys Wonderware Historian Client versions prior to 10 SP3.
SOLUTION: Install patch. Please see original advisory for more information.
PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Terry McCorkle and Billy Rios.
ORIGINAL ADVISORY: http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201204-0175",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware information server",
"scope": "eq",
"trust": 2.4,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server sp1",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server client",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server portal",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "4.0 sp1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "4.5"
}
],
"sources": [
{
"db": "IVD",
"id": "f99a817c-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1747"
},
{
"db": "BID",
"id": "52851"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001984"
},
{
"db": "NVD",
"id": "CVE-2012-0225"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-005"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-0225"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Terry McCorkle and Billy Rios",
"sources": [
{
"db": "BID",
"id": "52851"
}
],
"trust": 0.3
},
"cve": "CVE-2012-0225",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-0225",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "f99a817c-2353-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-53506",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-0225",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201204-005",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "f99a817c-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-53506",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "f99a817c-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-53506"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001984"
},
{
"db": "NVD",
"id": "CVE-2012-0225"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-005"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in Invensys Wonderware Information Server 4.0 SP1 and 4.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Invensys Wonderware Information Server is a graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. Invensys Wonderware Information Server is prone to multiple security vulnerabilities, including:\n1. A cross-site scripting vulnerability\n2. A SQL-injection vulnerability\n3. A security-bypass vulnerability\nAttackers can leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of an affected site, steal cookie-based authentication credentials, perform unauthorized actions, obtain sensitive information, redirect a user to a potentially malicious site, cause a denial-of-service condition and compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Other attacks are also possible. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nInvensys Wonderware Products Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA48603\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/48603/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48603\n\nRELEASE DATE:\n2012-04-03\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/48603/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/48603/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48603\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Wonderware Information\nServer and Invensys Wonderware Historian Client, which can be\nexploited by malicious people to conduct cross-site scripting\nattacks, conduct SQL injection attacks, bypass certain security\nrestrictions, and compromise a vulnerable system. \n\n1) Certain unspecified input is not properly sanitised before being\nreturned to the user. This can be exploited to execute arbitrary HTML\nand script code in a user\u0027s browser session in context of an affected\nsite. \n\n2) Certain unspecified input is not properly sanitised before being\nused in SQL queries. This can be exploited to manipulate SQL queries\nby injecting arbitrary SQL code. \n\n3) An unspecified error in client controls can be exploited to bypass\ncertain security restrictions. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nThe vulnerabilities are reported in Wonderware Information Server\nversions 4.0 SP1 and 4.5 and Invensys Wonderware Historian Client\nversions prior to 10 SP3. \n\nSOLUTION:\nInstall patch. Please see original advisory for more information. \n\nPROVIDED AND/OR DISCOVERED BY:\nICS-CERT credits Terry McCorkle and Billy Rios. \n\nORIGINAL ADVISORY:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-0225"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001984"
},
{
"db": "CNVD",
"id": "CNVD-2012-1747"
},
{
"db": "BID",
"id": "52851"
},
{
"db": "IVD",
"id": "f99a817c-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-53506"
},
{
"db": "PACKETSTORM",
"id": "111526"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-0225",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-062-01",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "48603",
"trust": 1.9
},
{
"db": "BID",
"id": "52851",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1026886",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1026887",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80888",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201204-005",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-1747",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001984",
"trust": 0.8
},
{
"db": "IVD",
"id": "F99A817C-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-53506",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "111526",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "f99a817c-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1747"
},
{
"db": "VULHUB",
"id": "VHN-53506"
},
{
"db": "BID",
"id": "52851"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001984"
},
{
"db": "PACKETSTORM",
"id": "111526"
},
{
"db": "NVD",
"id": "CVE-2012-0225"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-005"
}
]
},
"id": "VAR-201204-0175",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "f99a817c-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1747"
},
{
"db": "VULHUB",
"id": "VHN-53506"
}
],
"trust": 1.6099074
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "f99a817c-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1747"
}
]
},
"last_update_date": "2023-12-18T12:38:50.648000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/en/pages/default.aspx"
},
{
"title": "\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_hardwarepartners.aspx"
},
{
"title": "\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_softwarepartners.aspx"
},
{
"title": "Wonderware \u65e5\u672c\u306e\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/jppartnerssi.aspx"
},
{
"title": "Wonderware Top Page",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/home.aspx"
},
{
"title": "Patch for Invensys Wonderware Information Server Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/15252"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1747"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001984"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-53506"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001984"
},
{
"db": "NVD",
"id": "CVE-2012-0225"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-062-01.pdf"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/48603"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/52851"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80888"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1026886"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1026887"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74549"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0225"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0225"
},
{
"trust": 0.3,
"url": "global.wonderware.com/en/pages/default.aspx"
},
{
"trust": 0.1,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48603"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48603/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48603/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1747"
},
{
"db": "VULHUB",
"id": "VHN-53506"
},
{
"db": "BID",
"id": "52851"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001984"
},
{
"db": "PACKETSTORM",
"id": "111526"
},
{
"db": "NVD",
"id": "CVE-2012-0225"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-005"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "f99a817c-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1747"
},
{
"db": "VULHUB",
"id": "VHN-53506"
},
{
"db": "BID",
"id": "52851"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001984"
},
{
"db": "PACKETSTORM",
"id": "111526"
},
{
"db": "NVD",
"id": "CVE-2012-0225"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-005"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-04-06T00:00:00",
"db": "IVD",
"id": "f99a817c-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-04-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1747"
},
{
"date": "2012-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-53506"
},
{
"date": "2012-04-02T00:00:00",
"db": "BID",
"id": "52851"
},
{
"date": "2012-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001984"
},
{
"date": "2012-04-03T05:45:09",
"db": "PACKETSTORM",
"id": "111526"
},
{
"date": "2012-04-02T20:55:01.793000",
"db": "NVD",
"id": "CVE-2012-0225"
},
{
"date": "2012-04-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-005"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-04-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1747"
},
{
"date": "2018-01-06T00:00:00",
"db": "VULHUB",
"id": "VHN-53506"
},
{
"date": "2012-04-02T00:00:00",
"db": "BID",
"id": "52851"
},
{
"date": "2012-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001984"
},
{
"date": "2018-01-06T02:29:28.690000",
"db": "NVD",
"id": "CVE-2012-0225"
},
{
"date": "2012-04-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-005"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201204-005"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware Information Server Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "IVD",
"id": "f99a817c-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1747"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-005"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201204-005"
}
],
"trust": 0.6
}
}
VAR-201204-0176
Vulnerability from variot - Updated: 2023-12-18 12:38SQL injection vulnerability in Invensys Wonderware Information Server 4.0 SP1 and 4.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Invensys Wonderware Information Server is a graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. Invensys Wonderware Information Server is prone to multiple security vulnerabilities, including: 1. A cross-site scripting vulnerability 2. A SQL-injection vulnerability 3. A security-bypass vulnerability Attackers can leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of an affected site, steal cookie-based authentication credentials, perform unauthorized actions, obtain sensitive information, redirect a user to a potentially malicious site, cause a denial-of-service condition and compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Other attacks are also possible. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: Invensys Wonderware Products Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA48603
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48603/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48603
RELEASE DATE: 2012-04-03
DISCUSS ADVISORY: http://secunia.com/advisories/48603/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/48603/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=48603
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Wonderware Information Server and Invensys Wonderware Historian Client, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, bypass certain security restrictions, and compromise a vulnerable system.
1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
2) Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
3) An unspecified error in client controls can be exploited to bypass certain security restrictions.
Successful exploitation may allow execution of arbitrary code.
The vulnerabilities are reported in Wonderware Information Server versions 4.0 SP1 and 4.5 and Invensys Wonderware Historian Client versions prior to 10 SP3.
SOLUTION: Install patch. Please see original advisory for more information.
PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Terry McCorkle and Billy Rios.
ORIGINAL ADVISORY: http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201204-0176",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware information server",
"scope": "eq",
"trust": 2.4,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server sp1",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server client",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server portal",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "4.0 sp1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "4.5"
}
],
"sources": [
{
"db": "IVD",
"id": "f98c76e0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1744"
},
{
"db": "BID",
"id": "52851"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001985"
},
{
"db": "NVD",
"id": "CVE-2012-0226"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-006"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-0226"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Terry McCorkle and Billy Rios",
"sources": [
{
"db": "BID",
"id": "52851"
}
],
"trust": 0.3
},
"cve": "CVE-2012-0226",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-0226",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "f98c76e0-2353-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-53507",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-0226",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201204-006",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "f98c76e0-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-53507",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "f98c76e0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-53507"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001985"
},
{
"db": "NVD",
"id": "CVE-2012-0226"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-006"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection vulnerability in Invensys Wonderware Information Server 4.0 SP1 and 4.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Invensys Wonderware Information Server is a graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. Invensys Wonderware Information Server is prone to multiple security vulnerabilities, including:\n1. A cross-site scripting vulnerability\n2. A SQL-injection vulnerability\n3. A security-bypass vulnerability\nAttackers can leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of an affected site, steal cookie-based authentication credentials, perform unauthorized actions, obtain sensitive information, redirect a user to a potentially malicious site, cause a denial-of-service condition and compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Other attacks are also possible. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nInvensys Wonderware Products Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA48603\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/48603/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48603\n\nRELEASE DATE:\n2012-04-03\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/48603/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/48603/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48603\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Wonderware Information\nServer and Invensys Wonderware Historian Client, which can be\nexploited by malicious people to conduct cross-site scripting\nattacks, conduct SQL injection attacks, bypass certain security\nrestrictions, and compromise a vulnerable system. \n\n1) Certain unspecified input is not properly sanitised before being\nreturned to the user. This can be exploited to execute arbitrary HTML\nand script code in a user\u0027s browser session in context of an affected\nsite. \n\n2) Certain unspecified input is not properly sanitised before being\nused in SQL queries. This can be exploited to manipulate SQL queries\nby injecting arbitrary SQL code. \n\n3) An unspecified error in client controls can be exploited to bypass\ncertain security restrictions. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nThe vulnerabilities are reported in Wonderware Information Server\nversions 4.0 SP1 and 4.5 and Invensys Wonderware Historian Client\nversions prior to 10 SP3. \n\nSOLUTION:\nInstall patch. Please see original advisory for more information. \n\nPROVIDED AND/OR DISCOVERED BY:\nICS-CERT credits Terry McCorkle and Billy Rios. \n\nORIGINAL ADVISORY:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-0226"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001985"
},
{
"db": "CNVD",
"id": "CNVD-2012-1744"
},
{
"db": "BID",
"id": "52851"
},
{
"db": "IVD",
"id": "f98c76e0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-53507"
},
{
"db": "PACKETSTORM",
"id": "111526"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-0226",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-062-01",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "48603",
"trust": 1.9
},
{
"db": "BID",
"id": "52851",
"trust": 1.4
},
{
"db": "OSVDB",
"id": "80889",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1026886",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1026887",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201204-006",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-1744",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001985",
"trust": 0.8
},
{
"db": "IVD",
"id": "F98C76E0-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-53507",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "111526",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "f98c76e0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1744"
},
{
"db": "VULHUB",
"id": "VHN-53507"
},
{
"db": "BID",
"id": "52851"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001985"
},
{
"db": "PACKETSTORM",
"id": "111526"
},
{
"db": "NVD",
"id": "CVE-2012-0226"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-006"
}
]
},
"id": "VAR-201204-0176",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "f98c76e0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1744"
},
{
"db": "VULHUB",
"id": "VHN-53507"
}
],
"trust": 1.6099074
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "f98c76e0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1744"
}
]
},
"last_update_date": "2023-12-18T12:38:50.605000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/en/pages/default.aspx"
},
{
"title": "\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_hardwarepartners.aspx"
},
{
"title": "\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_softwarepartners.aspx"
},
{
"title": "Wonderware \u65e5\u672c\u306e\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/jppartnerssi.aspx"
},
{
"title": "Wonderware Top Page",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/home.aspx"
},
{
"title": "Invensys Wonderware Information Server SQL Injection Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/15253"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1744"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001985"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-53507"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001985"
},
{
"db": "NVD",
"id": "CVE-2012-0226"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-062-01.pdf"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/48603"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/52851"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80889"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1026886"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1026887"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74550"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0226"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0226"
},
{
"trust": 0.3,
"url": "global.wonderware.com/en/pages/default.aspx"
},
{
"trust": 0.1,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48603"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48603/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48603/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1744"
},
{
"db": "VULHUB",
"id": "VHN-53507"
},
{
"db": "BID",
"id": "52851"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001985"
},
{
"db": "PACKETSTORM",
"id": "111526"
},
{
"db": "NVD",
"id": "CVE-2012-0226"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-006"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "f98c76e0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1744"
},
{
"db": "VULHUB",
"id": "VHN-53507"
},
{
"db": "BID",
"id": "52851"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001985"
},
{
"db": "PACKETSTORM",
"id": "111526"
},
{
"db": "NVD",
"id": "CVE-2012-0226"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-006"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-04-06T00:00:00",
"db": "IVD",
"id": "f98c76e0-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-04-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1744"
},
{
"date": "2012-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-53507"
},
{
"date": "2012-04-02T00:00:00",
"db": "BID",
"id": "52851"
},
{
"date": "2012-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001985"
},
{
"date": "2012-04-03T05:45:09",
"db": "PACKETSTORM",
"id": "111526"
},
{
"date": "2012-04-02T20:55:01.857000",
"db": "NVD",
"id": "CVE-2012-0226"
},
{
"date": "2012-04-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-006"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-04-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1744"
},
{
"date": "2018-01-06T00:00:00",
"db": "VULHUB",
"id": "VHN-53507"
},
{
"date": "2012-04-02T00:00:00",
"db": "BID",
"id": "52851"
},
{
"date": "2012-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001985"
},
{
"date": "2018-01-06T02:29:28.770000",
"db": "NVD",
"id": "CVE-2012-0226"
},
{
"date": "2012-04-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-006"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201204-006"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware Information Server SQL Injection Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1744"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-006"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection",
"sources": [
{
"db": "IVD",
"id": "f98c76e0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-006"
}
],
"trust": 0.8
}
}
VAR-201204-0145
Vulnerability from variot - Updated: 2023-12-18 12:38Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors. Invensys Wonderware Information Server is a graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. Invensys Wonderware Information Server is prone to multiple security vulnerabilities, including: 1. A cross-site scripting vulnerability 2. A SQL-injection vulnerability 3. A security-bypass vulnerability Attackers can leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of an affected site, steal cookie-based authentication credentials, perform unauthorized actions, obtain sensitive information, redirect a user to a potentially malicious site, cause a denial-of-service condition and compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Other attacks are also possible. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: Invensys Wonderware Products Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA48603
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48603/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48603
RELEASE DATE: 2012-04-03
DISCUSS ADVISORY: http://secunia.com/advisories/48603/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/48603/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=48603
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Wonderware Information Server and Invensys Wonderware Historian Client, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, bypass certain security restrictions, and compromise a vulnerable system.
1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
2) Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
Successful exploitation may allow execution of arbitrary code.
The vulnerabilities are reported in Wonderware Information Server versions 4.0 SP1 and 4.5 and Invensys Wonderware Historian Client versions prior to 10 SP3.
SOLUTION: Install patch. Please see original advisory for more information.
PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Terry McCorkle and Billy Rios.
ORIGINAL ADVISORY: http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201204-0145",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware information server",
"scope": "eq",
"trust": 2.4,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server sp1",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server client",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server portal",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "4.0 sp1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "4.5"
}
],
"sources": [
{
"db": "IVD",
"id": "f985e8c0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1743"
},
{
"db": "BID",
"id": "52851"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001986"
},
{
"db": "NVD",
"id": "CVE-2012-0228"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-007"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-0228"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Terry McCorkle and Billy Rios",
"sources": [
{
"db": "BID",
"id": "52851"
}
],
"trust": 0.3
},
"cve": "CVE-2012-0228",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-0228",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "f985e8c0-2353-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-53509",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-0228",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201204-007",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "f985e8c0-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-53509",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "f985e8c0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-53509"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001986"
},
{
"db": "NVD",
"id": "CVE-2012-0228"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-007"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors. Invensys Wonderware Information Server is a graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. Invensys Wonderware Information Server is prone to multiple security vulnerabilities, including:\n1. A cross-site scripting vulnerability\n2. A SQL-injection vulnerability\n3. A security-bypass vulnerability\nAttackers can leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of an affected site, steal cookie-based authentication credentials, perform unauthorized actions, obtain sensitive information, redirect a user to a potentially malicious site, cause a denial-of-service condition and compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Other attacks are also possible. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nInvensys Wonderware Products Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA48603\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/48603/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48603\n\nRELEASE DATE:\n2012-04-03\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/48603/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/48603/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48603\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Wonderware Information\nServer and Invensys Wonderware Historian Client, which can be\nexploited by malicious people to conduct cross-site scripting\nattacks, conduct SQL injection attacks, bypass certain security\nrestrictions, and compromise a vulnerable system. \n\n1) Certain unspecified input is not properly sanitised before being\nreturned to the user. This can be exploited to execute arbitrary HTML\nand script code in a user\u0027s browser session in context of an affected\nsite. \n\n2) Certain unspecified input is not properly sanitised before being\nused in SQL queries. This can be exploited to manipulate SQL queries\nby injecting arbitrary SQL code. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nThe vulnerabilities are reported in Wonderware Information Server\nversions 4.0 SP1 and 4.5 and Invensys Wonderware Historian Client\nversions prior to 10 SP3. \n\nSOLUTION:\nInstall patch. Please see original advisory for more information. \n\nPROVIDED AND/OR DISCOVERED BY:\nICS-CERT credits Terry McCorkle and Billy Rios. \n\nORIGINAL ADVISORY:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-0228"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001986"
},
{
"db": "CNVD",
"id": "CNVD-2012-1743"
},
{
"db": "BID",
"id": "52851"
},
{
"db": "IVD",
"id": "f985e8c0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-53509"
},
{
"db": "PACKETSTORM",
"id": "111526"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-0228",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-062-01",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "48603",
"trust": 1.9
},
{
"db": "BID",
"id": "52851",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1026887",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1026886",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80890",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201204-007",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-1743",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001986",
"trust": 0.8
},
{
"db": "IVD",
"id": "F985E8C0-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-53509",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "111526",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "f985e8c0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1743"
},
{
"db": "VULHUB",
"id": "VHN-53509"
},
{
"db": "BID",
"id": "52851"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001986"
},
{
"db": "PACKETSTORM",
"id": "111526"
},
{
"db": "NVD",
"id": "CVE-2012-0228"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-007"
}
]
},
"id": "VAR-201204-0145",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "f985e8c0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1743"
},
{
"db": "VULHUB",
"id": "VHN-53509"
}
],
"trust": 1.6099074
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "f985e8c0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1743"
}
]
},
"last_update_date": "2023-12-18T12:38:50.561000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/en/pages/default.aspx"
},
{
"title": "\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_hardwarepartners.aspx"
},
{
"title": "\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_softwarepartners.aspx"
},
{
"title": "Wonderware \u65e5\u672c\u306e\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/jppartnerssi.aspx"
},
{
"title": "Wonderware Top Page",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/home.aspx"
},
{
"title": "Patch for Invensys Wonderware Information Server client Access Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/15254"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1743"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001986"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-53509"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001986"
},
{
"db": "NVD",
"id": "CVE-2012-0228"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-062-01.pdf"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/48603"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/52851"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80890"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1026886"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1026887"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0228"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0228"
},
{
"trust": 0.3,
"url": "global.wonderware.com/en/pages/default.aspx"
},
{
"trust": 0.1,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48603"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48603/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48603/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1743"
},
{
"db": "VULHUB",
"id": "VHN-53509"
},
{
"db": "BID",
"id": "52851"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001986"
},
{
"db": "PACKETSTORM",
"id": "111526"
},
{
"db": "NVD",
"id": "CVE-2012-0228"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-007"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "f985e8c0-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1743"
},
{
"db": "VULHUB",
"id": "VHN-53509"
},
{
"db": "BID",
"id": "52851"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001986"
},
{
"db": "PACKETSTORM",
"id": "111526"
},
{
"db": "NVD",
"id": "CVE-2012-0228"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-007"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-04-06T00:00:00",
"db": "IVD",
"id": "f985e8c0-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-04-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1743"
},
{
"date": "2012-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-53509"
},
{
"date": "2012-04-02T00:00:00",
"db": "BID",
"id": "52851"
},
{
"date": "2012-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001986"
},
{
"date": "2012-04-03T05:45:09",
"db": "PACKETSTORM",
"id": "111526"
},
{
"date": "2012-04-02T20:55:01.903000",
"db": "NVD",
"id": "CVE-2012-0228"
},
{
"date": "2012-04-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-007"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-04-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1743"
},
{
"date": "2018-01-06T00:00:00",
"db": "VULHUB",
"id": "VHN-53509"
},
{
"date": "2012-04-02T00:00:00",
"db": "BID",
"id": "52851"
},
{
"date": "2012-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001986"
},
{
"date": "2018-01-06T02:29:28.833000",
"db": "NVD",
"id": "CVE-2012-0228"
},
{
"date": "2012-04-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-007"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201204-007"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware Information Server Vulnerable to access restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001986"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201204-007"
}
],
"trust": 0.6
}
}
VAR-201304-0006
Vulnerability from variot - Updated: 2023-12-18 12:30Invensys Wonderware Win-XML Exporter 1522.148.0.0 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity declaration in conjunction with an entity reference. Invensys is a leading provider of automation and information technology, systems, software solutions, services and consulting for the manufacturing and infrastructure industries. Invensys Wonderware Win-XML has an information disclosure vulnerability. An attacker can exploit the vulnerability to gain sensitive information, which could lead to further attacks. An attacker could also exploit this vulnerability to cause a denial of service. Invensys Wonderware Win-XML Exporter is prone to an information-disclosure vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201304-0006",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware win-xml exporter",
"scope": "eq",
"trust": 3.3,
"vendor": "invensys",
"version": "1522.148.0.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware win xml exporter",
"version": "1522.148.0.0"
}
],
"sources": [
{
"db": "IVD",
"id": "03c72976-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-03037"
},
{
"db": "BID",
"id": "58635"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002150"
},
{
"db": "NVD",
"id": "CVE-2012-4710"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-454"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_win-xml_exporter:1522.148.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4710"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Timur Yunusov, Alexey Osipov, and Ilya Karpov of the Positive Technologies Research Team",
"sources": [
{
"db": "BID",
"id": "58635"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-454"
}
],
"trust": 0.9
},
"cve": "CVE-2012-4710",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-4710",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CNVD-2013-03037",
"impactScore": 9.2,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "03c72976-2353-11e6-abef-000c29c66e3d",
"impactScore": 9.2,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-57991",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-4710",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-03037",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201303-454",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "03c72976-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-57991",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "03c72976-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-03037"
},
{
"db": "VULHUB",
"id": "VHN-57991"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002150"
},
{
"db": "NVD",
"id": "CVE-2012-4710"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-454"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware Win-XML Exporter 1522.148.0.0 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity declaration in conjunction with an entity reference. Invensys is a leading provider of automation and information technology, systems, software solutions, services and consulting for the manufacturing and infrastructure industries. Invensys Wonderware Win-XML has an information disclosure vulnerability. An attacker can exploit the vulnerability to gain sensitive information, which could lead to further attacks. An attacker could also exploit this vulnerability to cause a denial of service. Invensys Wonderware Win-XML Exporter is prone to an information-disclosure vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4710"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002150"
},
{
"db": "CNVD",
"id": "CNVD-2013-03037"
},
{
"db": "BID",
"id": "58635"
},
{
"db": "IVD",
"id": "03c72976-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-57991"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4710",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-13-067-02",
"trust": 3.1
},
{
"db": "BID",
"id": "58635",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-201303-454",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-03037",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002150",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "52731",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-13-080-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "03C72976-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-57991",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "03c72976-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-03037"
},
{
"db": "VULHUB",
"id": "VHN-57991"
},
{
"db": "BID",
"id": "58635"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002150"
},
{
"db": "NVD",
"id": "CVE-2012-4710"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-454"
}
]
},
"id": "VAR-201304-0006",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "03c72976-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-03037"
},
{
"db": "VULHUB",
"id": "VHN-57991"
}
],
"trust": 1.4555556
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "03c72976-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-03037"
}
]
},
"last_update_date": "2023-12-18T12:30:58.743000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://iom.invensys.com/en/pages/home.aspx"
},
{
"title": "Wonderware \u65e5\u672c\u306e\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/jppartnerssi.aspx"
},
{
"title": "Wonderware Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/default.aspx"
},
{
"title": "Invensys Wonderware Win-XML Exporter XML External Entity Information Disclosure Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/33244"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-03037"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002150"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57991"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002150"
},
{
"db": "NVD",
"id": "CVE-2012-4710"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://ics-cert.us-cert.gov/pdf/icsa-13-067-02.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4710"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4710"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52731"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/58635"
},
{
"trust": 0.3,
"url": "http://global.wonderware.com/en/pages/default.aspx"
},
{
"trust": 0.3,
"url": "http://ics-cert.us-cert.gov/pdf/icsa-13-080-01.pdf"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-03037"
},
{
"db": "VULHUB",
"id": "VHN-57991"
},
{
"db": "BID",
"id": "58635"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002150"
},
{
"db": "NVD",
"id": "CVE-2012-4710"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-454"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "03c72976-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-03037"
},
{
"db": "VULHUB",
"id": "VHN-57991"
},
{
"db": "BID",
"id": "58635"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002150"
},
{
"db": "NVD",
"id": "CVE-2012-4710"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-454"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-15T00:00:00",
"db": "IVD",
"id": "03c72976-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2013-04-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-03037"
},
{
"date": "2013-04-04T00:00:00",
"db": "VULHUB",
"id": "VHN-57991"
},
{
"date": "2013-03-21T00:00:00",
"db": "BID",
"id": "58635"
},
{
"date": "2013-04-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002150"
},
{
"date": "2013-04-04T16:55:01.037000",
"db": "NVD",
"id": "CVE-2012-4710"
},
{
"date": "2013-03-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-454"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-03037"
},
{
"date": "2013-04-04T00:00:00",
"db": "VULHUB",
"id": "VHN-57991"
},
{
"date": "2013-03-21T00:00:00",
"db": "BID",
"id": "58635"
},
{
"date": "2013-04-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002150"
},
{
"date": "2013-04-04T17:50:08.607000",
"db": "NVD",
"id": "CVE-2012-4710"
},
{
"date": "2013-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-454"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201303-454"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware Win-XML Exporter XML External entity information disclosure vulnerability",
"sources": [
{
"db": "IVD",
"id": "03c72976-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-03037"
},
{
"db": "BID",
"id": "58635"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-454"
}
],
"trust": 1.7
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation",
"sources": [
{
"db": "IVD",
"id": "03c72976-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-454"
}
],
"trust": 0.8
}
}
VAR-201008-0279
Vulnerability from variot - Updated: 2023-12-18 12:22Stack-based buffer overflow in the IConfigurationAccess interface in the Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control in Wonderware Application Server (WAS) before 3.1 SP2 P01, as used in the Wonderware Archestra Integrated Development Environment (IDE) and the InFusion Integrated Engineering Environment (IEE), allows remote attackers to execute arbitrary code via the first argument to the UnsubscribeData method. Wonderware Archestra ConfigurationAccessComponent ActiveX The control contains a buffer overflow vulnerability. The UnsubscribeData method of the IConfigurationAccess interface privately wcscpy() copies the first parameter to the static size buffer, which can trigger a buffer overflow. Successful exploitation of a vulnerability can execute arbitrary instructions with application privileges. Wonderware Archestra ConfigurationAccessComponent ActiveX control is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Failed attempts will likely result in denial-of-service conditions. The vulnerable ActiveX control is included in the following products: Wonderware Application Server prior to 3.1 Service Pack 2 Patch 01
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201008-0279",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware application server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "3.1"
},
{
"model": "wonderware archestra configuration access component activex control",
"scope": null,
"trust": 1.6,
"vendor": "invensys",
"version": null
},
{
"model": "wonderware application server",
"scope": "eq",
"trust": 1.2,
"vendor": "invensys",
"version": "3.0"
},
{
"model": "wonderware application server",
"scope": "eq",
"trust": 1.2,
"vendor": "invensys",
"version": "2.1"
},
{
"model": "wonderware application server",
"scope": "eq",
"trust": 1.2,
"vendor": "invensys",
"version": "2.0"
},
{
"model": "wonderware application server",
"scope": "lte",
"trust": 1.0,
"vendor": "invensys",
"version": "3.1"
},
{
"model": "wonderware archestra configuration access component activex control",
"scope": "eq",
"trust": 1.0,
"vendor": "invensys",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wonderware application server",
"version": "3.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "invensys",
"version": null
},
{
"model": "wonderware application server",
"scope": "lt",
"trust": 0.8,
"vendor": "invensys",
"version": "3.1 sp2 p01"
},
{
"model": "wonderware application server",
"scope": "lt",
"trust": 0.8,
"vendor": "invensys",
"version": "3.1 service pack 2 patch 01 earlier"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "4.x"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware archestra configuration access component activex control",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "infusion integrated engineering environment",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware application server",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware application server",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware application server",
"version": "3.0"
},
{
"model": null,
"scope": "lte",
"trust": 0.4,
"vendor": "wonderware application server",
"version": "\u003c=3.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware archestra integrated environment",
"version": "*"
},
{
"model": "wonderware application server",
"scope": "lte",
"trust": 0.2,
"vendor": "invensys",
"version": "\u003c=3.1"
}
],
"sources": [
{
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"db": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#703189"
},
{
"db": "CNVD",
"id": "CNVD-2010-1498"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001891"
},
{
"db": "NVD",
"id": "CVE-2010-2974"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-052"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_archestra_configuration_access_component_activex_control:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_archestra_integrated_development_environment:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:*:sp2:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:infusion_integrated_engineering_environment:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:3.1:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2974"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IOActive",
"sources": [
{
"db": "BID",
"id": "42184"
}
],
"trust": 0.3
},
"cve": "CVE-2010-2974",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2010-2974",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "7d722f70-463f-11e9-b02f-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-45579",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-2974",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#703189",
"trust": 0.8,
"value": "5.06"
},
{
"author": "CNNVD",
"id": "CNNVD-201008-052",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-45579",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"db": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#703189"
},
{
"db": "VULHUB",
"id": "VHN-45579"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"db": "NVD",
"id": "CVE-2010-2974"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-052"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in the IConfigurationAccess interface in the Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control in Wonderware Application Server (WAS) before 3.1 SP2 P01, as used in the Wonderware Archestra Integrated Development Environment (IDE) and the InFusion Integrated Engineering Environment (IEE), allows remote attackers to execute arbitrary code via the first argument to the UnsubscribeData method. Wonderware Archestra ConfigurationAccessComponent ActiveX The control contains a buffer overflow vulnerability. The UnsubscribeData method of the IConfigurationAccess interface privately wcscpy() copies the first parameter to the static size buffer, which can trigger a buffer overflow. Successful exploitation of a vulnerability can execute arbitrary instructions with application privileges. Wonderware Archestra ConfigurationAccessComponent ActiveX control is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Failed attempts will likely result in denial-of-service conditions. \nThe vulnerable ActiveX control is included in the following products:\nWonderware Application Server prior to 3.1 Service Pack 2 Patch 01",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2974"
},
{
"db": "CERT/CC",
"id": "VU#703189"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001891"
},
{
"db": "CNVD",
"id": "CNVD-2010-1498"
},
{
"db": "BID",
"id": "42184"
},
{
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"db": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-45579"
}
],
"trust": 4.5
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#703189",
"trust": 5.0
},
{
"db": "NVD",
"id": "CVE-2010-2974",
"trust": 3.4
},
{
"db": "CNNVD",
"id": "CNNVD-201008-052",
"trust": 1.3
},
{
"db": "CNVD",
"id": "CNVD-2010-1498",
"trust": 1.0
},
{
"db": "BID",
"id": "42184",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004992",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001891",
"trust": 0.8
},
{
"db": "ICS CERT ALERT",
"id": "ICS-ALERT-11-230-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "46BCFBBA-1FB2-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "7D722F70-463F-11E9-B02F-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "00D1A20C-2356-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-45579",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"db": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#703189"
},
{
"db": "CNVD",
"id": "CNVD-2010-1498"
},
{
"db": "VULHUB",
"id": "VHN-45579"
},
{
"db": "BID",
"id": "42184"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001891"
},
{
"db": "NVD",
"id": "CVE-2010-2974"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-052"
}
]
},
"id": "VAR-201008-0279",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"db": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1498"
},
{
"db": "VULHUB",
"id": "VHN-45579"
}
],
"trust": 1.9142241500000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.2
}
],
"sources": [
{
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"db": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1498"
}
]
},
"last_update_date": "2023-12-18T12:22:24.405000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top page",
"trust": 0.8,
"url": "http://wonderwarepacwest.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://support.ips.invensys.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001891"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-45579"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"db": "NVD",
"id": "CVE-2010-2974"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.2,
"url": "http://www.kb.cert.org/vuls/id/703189"
},
{
"trust": 2.0,
"url": "http://www.pacwest.wonderware.com/web/news/newsdetails.aspx?newsid=203108"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/moro-87mhpt"
},
{
"trust": 1.7,
"url": "https://wdnresource.wonderware.com/support/kbcd/html/1/t002492.htm"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "http://wdn.wonderware.com(registrationrequired).http://support.ips.invensys.com(registrationrequired).http://www.pacwest.wonderware.com/web/news/newsdetails.aspx?newsid=203108https://wdnresource.wonderware.com/support/kbcd/html/1/t002492.htm(registrationrequired)"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2974"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2974"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu703189"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/cert_web/services/vul-notes.nsf/6eacfaeab94596f5852569290066a50b/b96f3df70ef05a8f85257775004f739a"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/kb/240797"
},
{
"trust": 0.3,
"url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-230-01.pdf"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#703189"
},
{
"db": "CNVD",
"id": "CNVD-2010-1498"
},
{
"db": "VULHUB",
"id": "VHN-45579"
},
{
"db": "BID",
"id": "42184"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001891"
},
{
"db": "NVD",
"id": "CVE-2010-2974"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-052"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"db": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#703189"
},
{
"db": "CNVD",
"id": "CNVD-2010-1498"
},
{
"db": "VULHUB",
"id": "VHN-45579"
},
{
"db": "BID",
"id": "42184"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001891"
},
{
"db": "NVD",
"id": "CVE-2010-2974"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-052"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-08-06T00:00:00",
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"date": "2010-08-06T00:00:00",
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"date": "2010-08-09T00:00:00",
"db": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d"
},
{
"date": "2010-08-04T00:00:00",
"db": "CERT/CC",
"id": "VU#703189"
},
{
"date": "2010-08-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1498"
},
{
"date": "2010-08-05T00:00:00",
"db": "VULHUB",
"id": "VHN-45579"
},
{
"date": "2010-08-04T00:00:00",
"db": "BID",
"id": "42184"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"date": "2010-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001891"
},
{
"date": "2010-08-05T19:17:55.543000",
"db": "NVD",
"id": "CVE-2010-2974"
},
{
"date": "2010-08-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201008-052"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-08-05T00:00:00",
"db": "CERT/CC",
"id": "VU#703189"
},
{
"date": "2010-08-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1498"
},
{
"date": "2010-08-09T00:00:00",
"db": "VULHUB",
"id": "VHN-45579"
},
{
"date": "2011-08-19T17:10:00",
"db": "BID",
"id": "42184"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"date": "2010-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001891"
},
{
"date": "2010-08-09T04:00:00",
"db": "NVD",
"id": "CVE-2010-2974"
},
{
"date": "2011-07-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201008-052"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201008-052"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wonderware Archestra ConfigurationAccessComponent Stack Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2010-1498"
},
{
"db": "BID",
"id": "42184"
}
],
"trust": 1.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"db": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-052"
}
],
"trust": 1.2
}
}
VAR-201202-0159
Vulnerability from variot - Updated: 2023-12-18 12:10Cross-site scripting (XSS) vulnerability in Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. Dream Report is an integrated reporting solution for industrial automation. The Ocean Data Dream Report application lacks sufficient filtering of query string parameter values, can lead to cross-site scripting attacks, build specially crafted URLs, entice users to parse, get sensitive information, or hijack user sessions. This may let the attacker steal cookie-based authentication credentials and launch other attacks. Hitachi JP1/IT Desktop Management Manager 09-50 is vulnerable. Attackers can exploit these issues to execute arbitrary code in the context of the webserver, compromise the affected application, and steal cookie-based authentication credentials from legitimate users of the site. Other attacks are also possible. These issues affect Dream Report Versions prior to 4.0. ----------------------------------------------------------------------
Secunia presentations @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March Listen to our Chief Security Specialist, Research Analyst Director, and Director Product Management & Quality Assurance discuss the industry's key topics. Also, visit the Secunia stand #817.
SOLUTION: Reportedly a patch has been released. Contact the vendor for further information. ----------------------------------------------------------------------
Secunia is hiring!
Find your next job here:
http://secunia.com/company/jobs/
TITLE: Ocean Data Systems Dream Report Two Vulnerabilities
SECUNIA ADVISORY ID: SA47742
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47742/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47742
RELEASE DATE: 2012-01-25
DISCUSS ADVISORY: http://secunia.com/advisories/47742/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/47742/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47742
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Two vulnerabilities have been reported in Ocean Data Systems Dream Report, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system.
1) Certain unspecified is not properly sanitised before being returned to the user.
2) An unspecified error when loading certain files can be exploited to corrupt memory via a specially crafted file.
Successful exploitation of this vulnerability may allow execution of arbitrary code, but requires tricking a user into loading a malicious file.
SOLUTION: Upgrade to version 4.0.
PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Billy Rios and Terry McCorkle.
ORIGINAL ADVISORY: http://www.us-cert.gov/control_systems/pdf/ICSA-12-024-01.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201202-0159",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware hmi reports",
"scope": "lte",
"trust": 1.8,
"vendor": "invensys",
"version": "3.42.835.0304"
},
{
"model": "dream report",
"scope": "eq",
"trust": 1.6,
"vendor": "dreamreport",
"version": "3.41"
},
{
"model": "dream report",
"scope": "eq",
"trust": 1.6,
"vendor": "dreamreport",
"version": "3.42"
},
{
"model": "dream report",
"scope": "eq",
"trust": 1.6,
"vendor": "dreamreport",
"version": "3.21"
},
{
"model": "dream report",
"scope": "lte",
"trust": 1.0,
"vendor": "dreamreport",
"version": "3.43"
},
{
"model": "data systems dream reports",
"scope": "eq",
"trust": 0.9,
"vendor": "ocean",
"version": "3.0"
},
{
"model": "dream report",
"scope": "eq",
"trust": 0.6,
"vendor": "dreamreport",
"version": "3.43"
},
{
"model": "jp1/it desktop management manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-50"
},
{
"model": "jp1/it desktop management manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-50-01"
},
{
"model": "wonderware hmi reports",
"scope": "eq",
"trust": 0.3,
"vendor": "invensys",
"version": "3.42.835.0304"
},
{
"model": "data systems dream reports",
"scope": "ne",
"trust": 0.3,
"vendor": "ocean",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dream report",
"version": "3.21"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dream report",
"version": "3.41"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dream report",
"version": "3.42"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dream report",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware hmi reports",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "23e8b278-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0377"
},
{
"db": "BID",
"id": "51747"
},
{
"db": "BID",
"id": "51655"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001399"
},
{
"db": "NVD",
"id": "CVE-2011-4038"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-036"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_hmi_reports:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.42.835.0304",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dreamreport:dream_report:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.43",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dreamreport:dream_report:3.42:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dreamreport:dream_report:3.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dreamreport:dream_report:3.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4038"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios and Terry McCorkle",
"sources": [
{
"db": "BID",
"id": "51655"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-036"
}
],
"trust": 0.9
},
"cve": "CVE-2011-4038",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2011-4038",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "23e8b278-2354-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-51983",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-4038",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201202-036",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "23e8b278-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-51983",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "23e8b278-2354-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-51983"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001399"
},
{
"db": "NVD",
"id": "CVE-2011-4038"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-036"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. Dream Report is an integrated reporting solution for industrial automation. The Ocean Data Dream Report application lacks sufficient filtering of query string parameter values, can lead to cross-site scripting attacks, build specially crafted URLs, entice users to parse, get sensitive information, or hijack user sessions. This may let the attacker steal cookie-based authentication credentials and launch other attacks. \nHitachi JP1/IT Desktop Management Manager 09-50 is vulnerable. \nAttackers can exploit these issues to execute arbitrary code in the context of the webserver, compromise the affected application, and steal cookie-based authentication credentials from legitimate users of the site. Other attacks are also possible. \nThese issues affect Dream Report Versions prior to 4.0. ----------------------------------------------------------------------\n\nSecunia presentations @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March\nListen to our Chief Security Specialist, Research Analyst Director, and Director Product Management \u0026 Quality Assurance discuss the industry\u0027s key topics. Also, visit the Secunia stand #817. \n\nSOLUTION:\nReportedly a patch has been released. Contact the vendor for further\ninformation. ----------------------------------------------------------------------\n\nSecunia is hiring!\n\nFind your next job here:\n\nhttp://secunia.com/company/jobs/\n\n----------------------------------------------------------------------\n\nTITLE:\nOcean Data Systems Dream Report Two Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA47742\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/47742/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47742\n\nRELEASE DATE:\n2012-01-25\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/47742/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/47742/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47742\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nTwo vulnerabilities have been reported in Ocean Data Systems Dream\nReport, which can be exploited by malicious people to conduct\ncross-site scripting attacks and compromise a user\u0027s system. \n\n1) Certain unspecified is not properly sanitised before being\nreturned to the user. \n\n2) An unspecified error when loading certain files can be exploited\nto corrupt memory via a specially crafted file. \n\nSuccessful exploitation of this vulnerability may allow execution of\narbitrary code, but requires tricking a user into loading a malicious\nfile. \n\nSOLUTION:\nUpgrade to version 4.0. \n\nPROVIDED AND/OR DISCOVERED BY:\nICS-CERT credits Billy Rios and Terry McCorkle. \n\nORIGINAL ADVISORY:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-024-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4038"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001399"
},
{
"db": "CNVD",
"id": "CNVD-2012-0377"
},
{
"db": "BID",
"id": "51747"
},
{
"db": "BID",
"id": "51655"
},
{
"db": "IVD",
"id": "23e8b278-2354-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-51983"
},
{
"db": "PACKETSTORM",
"id": "109606"
},
{
"db": "PACKETSTORM",
"id": "109262"
},
{
"db": "PACKETSTORM",
"id": "109139"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-4038",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-024-01",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-12-039-01",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "47742",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "47933",
"trust": 1.9
},
{
"db": "CNNVD",
"id": "CNNVD-201202-036",
"trust": 0.9
},
{
"db": "BID",
"id": "51747",
"trust": 0.9
},
{
"db": "BID",
"id": "51655",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-0377",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001399",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "47774",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201201-421",
"trust": 0.6
},
{
"db": "HITACHI",
"id": "HS12-004",
"trust": 0.4
},
{
"db": "IVD",
"id": "23E8B278-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-51983",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109606",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109262",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109139",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "23e8b278-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0377"
},
{
"db": "VULHUB",
"id": "VHN-51983"
},
{
"db": "BID",
"id": "51747"
},
{
"db": "BID",
"id": "51655"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001399"
},
{
"db": "PACKETSTORM",
"id": "109606"
},
{
"db": "PACKETSTORM",
"id": "109262"
},
{
"db": "PACKETSTORM",
"id": "109139"
},
{
"db": "NVD",
"id": "CVE-2011-4038"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-036"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-421"
}
]
},
"id": "VAR-201202-0159",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "23e8b278-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0377"
},
{
"db": "VULHUB",
"id": "VHN-51983"
}
],
"trust": 1.7333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "23e8b278-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0377"
}
]
},
"last_update_date": "2023-12-18T12:10:15.641000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com"
},
{
"title": "Wonderware \u65e5\u672c\u306e\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/jppartnerssi.aspx"
},
{
"title": "Wonderware Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/default.aspx"
},
{
"title": "Patch for Dream Report Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/8684"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0377"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001399"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-51983"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001399"
},
{
"db": "NVD",
"id": "CVE-2011-4038"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-024-01.pdf"
},
{
"trust": 2.9,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-039-01.pdf"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/47742"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/47933"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4038"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4038"
},
{
"trust": 0.6,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-024-01.pdfhttp"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/47774"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/51655"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/51747"
},
{
"trust": 0.4,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs12-004/index.html"
},
{
"trust": 0.3,
"url": "http://www.hds.com/products/storage-software/hitachi-device-manager.html"
},
{
"trust": 0.3,
"url": "http://www.dreamreport.net/php/download/download.php?lang=en"
},
{
"trust": 0.3,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.3,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.3,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.3,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/company/jobs/"
},
{
"trust": 0.1,
"url": "http://www.rsaconference.com/events/2012/usa/index.htm"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47933/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47933/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47933"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47774/"
},
{
"trust": 0.1,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs12-004/index.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47774"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47774/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47742/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47742/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47742"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0377"
},
{
"db": "VULHUB",
"id": "VHN-51983"
},
{
"db": "BID",
"id": "51747"
},
{
"db": "BID",
"id": "51655"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001399"
},
{
"db": "PACKETSTORM",
"id": "109606"
},
{
"db": "PACKETSTORM",
"id": "109262"
},
{
"db": "PACKETSTORM",
"id": "109139"
},
{
"db": "NVD",
"id": "CVE-2011-4038"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-036"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-421"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "23e8b278-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0377"
},
{
"db": "VULHUB",
"id": "VHN-51983"
},
{
"db": "BID",
"id": "51747"
},
{
"db": "BID",
"id": "51655"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001399"
},
{
"db": "PACKETSTORM",
"id": "109606"
},
{
"db": "PACKETSTORM",
"id": "109262"
},
{
"db": "PACKETSTORM",
"id": "109139"
},
{
"db": "NVD",
"id": "CVE-2011-4038"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-036"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-421"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-03T00:00:00",
"db": "IVD",
"id": "23e8b278-2354-11e6-abef-000c29c66e3d"
},
{
"date": "2012-02-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0377"
},
{
"date": "2012-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-51983"
},
{
"date": "2012-01-31T00:00:00",
"db": "BID",
"id": "51747"
},
{
"date": "2012-01-24T00:00:00",
"db": "BID",
"id": "51655"
},
{
"date": "2012-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001399"
},
{
"date": "2012-02-09T11:41:27",
"db": "PACKETSTORM",
"id": "109606"
},
{
"date": "2012-01-31T06:49:30",
"db": "PACKETSTORM",
"id": "109262"
},
{
"date": "2012-01-27T07:44:17",
"db": "PACKETSTORM",
"id": "109139"
},
{
"date": "2012-02-10T19:55:01.750000",
"db": "NVD",
"id": "CVE-2011-4038"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-036"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201201-421"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0377"
},
{
"date": "2012-02-14T00:00:00",
"db": "VULHUB",
"id": "VHN-51983"
},
{
"date": "2012-01-31T00:00:00",
"db": "BID",
"id": "51747"
},
{
"date": "2012-02-08T19:00:00",
"db": "BID",
"id": "51655"
},
{
"date": "2012-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001399"
},
{
"date": "2012-02-14T05:00:00",
"db": "NVD",
"id": "CVE-2011-4038"
},
{
"date": "2012-02-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-036"
},
{
"date": "2012-02-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201201-421"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201202-036"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-421"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dream Report Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "IVD",
"id": "23e8b278-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0377"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "109606"
},
{
"db": "PACKETSTORM",
"id": "109262"
},
{
"db": "PACKETSTORM",
"id": "109139"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-036"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-421"
}
],
"trust": 1.5
}
}
VAR-201202-0154
Vulnerability from variot - Updated: 2023-12-18 12:10Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows user-assisted remote attackers to execute arbitrary code via a malformed file that triggers a "write access violation.". Dream Report is an integrated reporting solution for industrial automation. This may let the attacker steal cookie-based authentication credentials and launch other attacks. Hitachi JP1/IT Desktop Management Manager 09-50 is vulnerable. Dream Report is prone to a cross-site scripting vulnerability and a remote code-execution vulnerability because the application fails to sufficiently sanitize user-supplied data. Attackers can exploit these issues to execute arbitrary code in the context of the webserver, compromise the affected application, and steal cookie-based authentication credentials from legitimate users of the site. Other attacks are also possible. These issues affect Dream Report Versions prior to 4.0. ----------------------------------------------------------------------
Secunia presentations @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March Listen to our Chief Security Specialist, Research Analyst Director, and Director Product Management & Quality Assurance discuss the industry's key topics. Also, visit the Secunia stand #817.
SOLUTION: Reportedly a patch has been released. Contact the vendor for further information. ----------------------------------------------------------------------
Secunia is hiring!
Find your next job here:
http://secunia.com/company/jobs/
TITLE: Ocean Data Systems Dream Report Two Vulnerabilities
SECUNIA ADVISORY ID: SA47742
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47742/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47742
RELEASE DATE: 2012-01-25
DISCUSS ADVISORY: http://secunia.com/advisories/47742/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/47742/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47742
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Two vulnerabilities have been reported in Ocean Data Systems Dream Report, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system.
1) Certain unspecified is not properly sanitised before being returned to the user.
2) An unspecified error when loading certain files can be exploited to corrupt memory via a specially crafted file.
Successful exploitation of this vulnerability may allow execution of arbitrary code, but requires tricking a user into loading a malicious file.
SOLUTION: Upgrade to version 4.0.
PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Billy Rios and Terry McCorkle.
ORIGINAL ADVISORY: http://www.us-cert.gov/control_systems/pdf/ICSA-12-024-01.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201202-0154",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware hmi reports",
"scope": "lte",
"trust": 1.8,
"vendor": "invensys",
"version": "3.42.835.0304"
},
{
"model": "dream report",
"scope": "eq",
"trust": 1.6,
"vendor": "dreamreport",
"version": "3.41"
},
{
"model": "dream report",
"scope": "eq",
"trust": 1.6,
"vendor": "dreamreport",
"version": "3.42"
},
{
"model": "dream report",
"scope": "eq",
"trust": 1.6,
"vendor": "dreamreport",
"version": "3.21"
},
{
"model": "dream report",
"scope": "lte",
"trust": 1.0,
"vendor": "dreamreport",
"version": "3.43"
},
{
"model": "data systems dream reports",
"scope": "eq",
"trust": 0.9,
"vendor": "ocean",
"version": "3.0"
},
{
"model": "dream report",
"scope": "eq",
"trust": 0.6,
"vendor": "dreamreport",
"version": "3.43"
},
{
"model": "jp1/it desktop management manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-50"
},
{
"model": "jp1/it desktop management manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-50-01"
},
{
"model": "wonderware hmi reports",
"scope": "eq",
"trust": 0.3,
"vendor": "invensys",
"version": "3.42.835.0304"
},
{
"model": "data systems dream reports",
"scope": "ne",
"trust": 0.3,
"vendor": "ocean",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dream report",
"version": "3.21"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dream report",
"version": "3.41"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dream report",
"version": "3.42"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dream report",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware hmi reports",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "244e04de-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0379"
},
{
"db": "BID",
"id": "51747"
},
{
"db": "BID",
"id": "51655"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001400"
},
{
"db": "NVD",
"id": "CVE-2011-4039"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-037"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_hmi_reports:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.42.835.0304",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dreamreport:dream_report:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.43",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dreamreport:dream_report:3.42:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dreamreport:dream_report:3.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dreamreport:dream_report:3.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4039"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios and Terry McCorkle",
"sources": [
{
"db": "BID",
"id": "51655"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-037"
}
],
"trust": 0.9
},
"cve": "CVE-2011-4039",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2011-4039",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "244e04de-2354-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-51984",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-4039",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-4039",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201202-037",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "244e04de-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-51984",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "244e04de-2354-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-51984"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001400"
},
{
"db": "NVD",
"id": "CVE-2011-4039"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-037"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows user-assisted remote attackers to execute arbitrary code via a malformed file that triggers a \"write access violation.\". Dream Report is an integrated reporting solution for industrial automation. This may let the attacker steal cookie-based authentication credentials and launch other attacks. \nHitachi JP1/IT Desktop Management Manager 09-50 is vulnerable. Dream Report is prone to a cross-site scripting vulnerability and a remote code-execution vulnerability because the application fails to sufficiently sanitize user-supplied data. \nAttackers can exploit these issues to execute arbitrary code in the context of the webserver, compromise the affected application, and steal cookie-based authentication credentials from legitimate users of the site. Other attacks are also possible. \nThese issues affect Dream Report Versions prior to 4.0. ----------------------------------------------------------------------\n\nSecunia presentations @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March\nListen to our Chief Security Specialist, Research Analyst Director, and Director Product Management \u0026 Quality Assurance discuss the industry\u0027s key topics. Also, visit the Secunia stand #817. \n\nSOLUTION:\nReportedly a patch has been released. Contact the vendor for further\ninformation. ----------------------------------------------------------------------\n\nSecunia is hiring!\n\nFind your next job here:\n\nhttp://secunia.com/company/jobs/\n\n----------------------------------------------------------------------\n\nTITLE:\nOcean Data Systems Dream Report Two Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA47742\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/47742/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47742\n\nRELEASE DATE:\n2012-01-25\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/47742/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/47742/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47742\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nTwo vulnerabilities have been reported in Ocean Data Systems Dream\nReport, which can be exploited by malicious people to conduct\ncross-site scripting attacks and compromise a user\u0027s system. \n\n1) Certain unspecified is not properly sanitised before being\nreturned to the user. \n\n2) An unspecified error when loading certain files can be exploited\nto corrupt memory via a specially crafted file. \n\nSuccessful exploitation of this vulnerability may allow execution of\narbitrary code, but requires tricking a user into loading a malicious\nfile. \n\nSOLUTION:\nUpgrade to version 4.0. \n\nPROVIDED AND/OR DISCOVERED BY:\nICS-CERT credits Billy Rios and Terry McCorkle. \n\nORIGINAL ADVISORY:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-024-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4039"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001400"
},
{
"db": "CNVD",
"id": "CNVD-2012-0379"
},
{
"db": "BID",
"id": "51747"
},
{
"db": "BID",
"id": "51655"
},
{
"db": "IVD",
"id": "244e04de-2354-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-51984"
},
{
"db": "PACKETSTORM",
"id": "109606"
},
{
"db": "PACKETSTORM",
"id": "109262"
},
{
"db": "PACKETSTORM",
"id": "109139"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-4039",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-024-01",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-12-039-01",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "47742",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "47933",
"trust": 1.9
},
{
"db": "CNNVD",
"id": "CNNVD-201202-037",
"trust": 0.9
},
{
"db": "BID",
"id": "51747",
"trust": 0.9
},
{
"db": "BID",
"id": "51655",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-0379",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001400",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "47774",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201201-421",
"trust": 0.6
},
{
"db": "HITACHI",
"id": "HS12-004",
"trust": 0.4
},
{
"db": "IVD",
"id": "244E04DE-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-51984",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109606",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109262",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109139",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "244e04de-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0379"
},
{
"db": "VULHUB",
"id": "VHN-51984"
},
{
"db": "BID",
"id": "51747"
},
{
"db": "BID",
"id": "51655"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001400"
},
{
"db": "PACKETSTORM",
"id": "109606"
},
{
"db": "PACKETSTORM",
"id": "109262"
},
{
"db": "PACKETSTORM",
"id": "109139"
},
{
"db": "NVD",
"id": "CVE-2011-4039"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-421"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-037"
}
]
},
"id": "VAR-201202-0154",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "244e04de-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0379"
},
{
"db": "VULHUB",
"id": "VHN-51984"
}
],
"trust": 1.7333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "244e04de-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0379"
}
]
},
"last_update_date": "2023-12-18T12:10:15.582000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com"
},
{
"title": "Wonderware \u65e5\u672c\u306e\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/jppartnerssi.aspx"
},
{
"title": "Wonderware Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/default.aspx"
},
{
"title": "Patch for Dream Report Remote Code Execution Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/8682"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0379"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001400"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-51984"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001400"
},
{
"db": "NVD",
"id": "CVE-2011-4039"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-024-01.pdf"
},
{
"trust": 2.9,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-039-01.pdf"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/47742"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/47933"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4039"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4039"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/51747"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/47774"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/51655"
},
{
"trust": 0.4,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs12-004/index.html"
},
{
"trust": 0.3,
"url": "http://www.hds.com/products/storage-software/hitachi-device-manager.html"
},
{
"trust": 0.3,
"url": "http://www.dreamreport.net/php/download/download.php?lang=en"
},
{
"trust": 0.3,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.3,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.3,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.3,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/company/jobs/"
},
{
"trust": 0.1,
"url": "http://www.rsaconference.com/events/2012/usa/index.htm"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47933/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47933/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47933"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47774/"
},
{
"trust": 0.1,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs12-004/index.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47774"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47774/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47742/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47742/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47742"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0379"
},
{
"db": "VULHUB",
"id": "VHN-51984"
},
{
"db": "BID",
"id": "51747"
},
{
"db": "BID",
"id": "51655"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001400"
},
{
"db": "PACKETSTORM",
"id": "109606"
},
{
"db": "PACKETSTORM",
"id": "109262"
},
{
"db": "PACKETSTORM",
"id": "109139"
},
{
"db": "NVD",
"id": "CVE-2011-4039"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-421"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-037"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "244e04de-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0379"
},
{
"db": "VULHUB",
"id": "VHN-51984"
},
{
"db": "BID",
"id": "51747"
},
{
"db": "BID",
"id": "51655"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001400"
},
{
"db": "PACKETSTORM",
"id": "109606"
},
{
"db": "PACKETSTORM",
"id": "109262"
},
{
"db": "PACKETSTORM",
"id": "109139"
},
{
"db": "NVD",
"id": "CVE-2011-4039"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-421"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-037"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-03T00:00:00",
"db": "IVD",
"id": "244e04de-2354-11e6-abef-000c29c66e3d"
},
{
"date": "2012-02-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0379"
},
{
"date": "2012-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-51984"
},
{
"date": "2012-01-31T00:00:00",
"db": "BID",
"id": "51747"
},
{
"date": "2012-01-24T00:00:00",
"db": "BID",
"id": "51655"
},
{
"date": "2012-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001400"
},
{
"date": "2012-02-09T11:41:27",
"db": "PACKETSTORM",
"id": "109606"
},
{
"date": "2012-01-31T06:49:30",
"db": "PACKETSTORM",
"id": "109262"
},
{
"date": "2012-01-27T07:44:17",
"db": "PACKETSTORM",
"id": "109139"
},
{
"date": "2012-02-10T19:55:01.797000",
"db": "NVD",
"id": "CVE-2011-4039"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201201-421"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-037"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0379"
},
{
"date": "2012-02-14T00:00:00",
"db": "VULHUB",
"id": "VHN-51984"
},
{
"date": "2012-01-31T00:00:00",
"db": "BID",
"id": "51747"
},
{
"date": "2012-02-08T19:00:00",
"db": "BID",
"id": "51655"
},
{
"date": "2012-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001400"
},
{
"date": "2012-02-14T05:00:00",
"db": "NVD",
"id": "CVE-2011-4039"
},
{
"date": "2012-02-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201201-421"
},
{
"date": "2012-02-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-037"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201201-421"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-037"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dream Report Remote code execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "244e04de-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0379"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "109606"
},
{
"db": "PACKETSTORM",
"id": "109262"
},
{
"db": "PACKETSTORM",
"id": "109139"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-421"
}
],
"trust": 0.9
}
}
VAR-201305-0090
Vulnerability from variot - Updated: 2023-12-18 12:09Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Invensys Wonderware Information Server can centrally reflect web management solutions for production management. There are security vulnerabilities in the implementation of Wonderware Information Server 4.0 SP1, Wonderware Information Server 4.5 Portal, and Wonderware Information Server 5.0 Portal. A local attacker exploited this vulnerability to obtain sensitive information. Through the network solution, this product can conveniently display the factory performance indicators and production data to the operation, operation and maintenance and engineering personnel, and is widely used in petroleum, natural gas, chemical and other industries. Entity (XXE) issues
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201305-0090",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "5.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server sp1",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server portal",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "4.0 sp1sp1"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "4.5- portal"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "5.0- portal"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "4.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "5.0"
}
],
"sources": [
{
"db": "IVD",
"id": "f4ac02f4-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05031"
},
{
"db": "BID",
"id": "59708"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002605"
},
{
"db": "NVD",
"id": "CVE-2013-0686"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-138"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.5:-:portal:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:5.0:-:portal:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0686"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Timur Yunusov, Alexey Osipov, and Ilya Karpov of the Positive Technologies Research Team",
"sources": [
{
"db": "BID",
"id": "59708"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-138"
}
],
"trust": 0.9
},
"cve": "CVE-2013-0686",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-0686",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2013-05031",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "f4ac02f4-2352-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-60688",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-0686",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-05031",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201305-138",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "f4ac02f4-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-60688",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "f4ac02f4-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05031"
},
{
"db": "VULHUB",
"id": "VHN-60688"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002605"
},
{
"db": "NVD",
"id": "CVE-2013-0686"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-138"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Invensys Wonderware Information Server can centrally reflect web management solutions for production management. There are security vulnerabilities in the implementation of Wonderware Information Server 4.0 SP1, Wonderware Information Server 4.5 Portal, and Wonderware Information Server 5.0 Portal. A local attacker exploited this vulnerability to obtain sensitive information. Through the network solution, this product can conveniently display the factory performance indicators and production data to the operation, operation and maintenance and engineering personnel, and is widely used in petroleum, natural gas, chemical and other industries. Entity (XXE) issues",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0686"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002605"
},
{
"db": "CNVD",
"id": "CNVD-2013-05031"
},
{
"db": "BID",
"id": "59708"
},
{
"db": "IVD",
"id": "f4ac02f4-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-60688"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-0686",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-13-113-01",
"trust": 3.4
},
{
"db": "BID",
"id": "59708",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-201305-138",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-05031",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002605",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "53308",
"trust": 0.6
},
{
"db": "IVD",
"id": "F4AC02F4-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-60688",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "f4ac02f4-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05031"
},
{
"db": "VULHUB",
"id": "VHN-60688"
},
{
"db": "BID",
"id": "59708"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002605"
},
{
"db": "NVD",
"id": "CVE-2013-0686"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-138"
}
]
},
"id": "VAR-201305-0090",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "f4ac02f4-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05031"
},
{
"db": "VULHUB",
"id": "VHN-60688"
}
],
"trust": 1.6211111
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "f4ac02f4-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05031"
}
]
},
"last_update_date": "2023-12-18T12:09:22.141000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/en/pages/default.aspx"
},
{
"title": "Wonderware \u65e5\u672c\u306e\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/jppartnerssi.aspx"
},
{
"title": "\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_hardwarepartners.aspx"
},
{
"title": "\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_softwarepartners.aspx"
},
{
"title": "Wonderware Top Page",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/home.aspx"
},
{
"title": "Patch for Invensys Wonderware Information Server Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/33857"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-05031"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002605"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60688"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002605"
},
{
"db": "NVD",
"id": "CVE-2013-0686"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-13-113-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0686"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0686"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/53308"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/59708"
},
{
"trust": 0.3,
"url": "http://global.wonderware.com/en/pages/wonderwareinformationserver.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-05031"
},
{
"db": "VULHUB",
"id": "VHN-60688"
},
{
"db": "BID",
"id": "59708"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002605"
},
{
"db": "NVD",
"id": "CVE-2013-0686"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-138"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "f4ac02f4-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05031"
},
{
"db": "VULHUB",
"id": "VHN-60688"
},
{
"db": "BID",
"id": "59708"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002605"
},
{
"db": "NVD",
"id": "CVE-2013-0686"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-138"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-10T00:00:00",
"db": "IVD",
"id": "f4ac02f4-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-05031"
},
{
"date": "2013-05-09T00:00:00",
"db": "VULHUB",
"id": "VHN-60688"
},
{
"date": "2013-05-07T00:00:00",
"db": "BID",
"id": "59708"
},
{
"date": "2013-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002605"
},
{
"date": "2013-05-09T12:31:18.990000",
"db": "NVD",
"id": "CVE-2013-0686"
},
{
"date": "2013-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201305-138"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-05031"
},
{
"date": "2013-05-09T00:00:00",
"db": "VULHUB",
"id": "VHN-60688"
},
{
"date": "2013-05-07T00:00:00",
"db": "BID",
"id": "59708"
},
{
"date": "2013-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002605"
},
{
"date": "2013-05-09T12:31:18.990000",
"db": "NVD",
"id": "CVE-2013-0686"
},
{
"date": "2013-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201305-138"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201305-138"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware Information Server Information Disclosure Vulnerability",
"sources": [
{
"db": "IVD",
"id": "f4ac02f4-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05031"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation",
"sources": [
{
"db": "IVD",
"id": "f4ac02f4-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-138"
}
],
"trust": 0.8
}
}
VAR-201305-0088
Vulnerability from variot - Updated: 2023-12-18 12:09SQL injection vulnerability in Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Invensys Wonderware Information Server can centrally reflect web management solutions for production management. There are security vulnerabilities in the implementation of Wonderware Information Server 4.0 SP1, Wonderware Information Server 4.5 Portal, and Wonderware Information Server 5.0 Portal. An attacker can exploit a vulnerability to compromise an application and perform unauthorized operations. Through the network solution, this product can conveniently display the factory performance indicators and production data to the operation, operation and maintenance and engineering personnel, and is widely used in petroleum, natural gas, chemical and other industries
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201305-0088",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "5.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server sp1",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server portal",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "4.0 sp1sp1"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "4.5- portal"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "5.0- portal"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "4.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "5.0"
}
],
"sources": [
{
"db": "IVD",
"id": "f4b83222-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05026"
},
{
"db": "BID",
"id": "59704"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002603"
},
{
"db": "NVD",
"id": "CVE-2013-0684"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-141"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.5:-:portal:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:5.0:-:portal:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0684"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Timur Yunusov, Alexey Osipov, and Ilya Karpov of the Positive Technologies Research Team",
"sources": [
{
"db": "BID",
"id": "59704"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-141"
}
],
"trust": 0.9
},
"cve": "CVE-2013-0684",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-0684",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2013-05026",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "f4b83222-2352-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-60686",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-0684",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-05026",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201305-141",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "f4b83222-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-60686",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "f4b83222-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05026"
},
{
"db": "VULHUB",
"id": "VHN-60686"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002603"
},
{
"db": "NVD",
"id": "CVE-2013-0684"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-141"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection vulnerability in Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Invensys Wonderware Information Server can centrally reflect web management solutions for production management. There are security vulnerabilities in the implementation of Wonderware Information Server 4.0 SP1, Wonderware Information Server 4.5 Portal, and Wonderware Information Server 5.0 Portal. An attacker can exploit a vulnerability to compromise an application and perform unauthorized operations. Through the network solution, this product can conveniently display the factory performance indicators and production data to the operation, operation and maintenance and engineering personnel, and is widely used in petroleum, natural gas, chemical and other industries",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0684"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002603"
},
{
"db": "CNVD",
"id": "CNVD-2013-05026"
},
{
"db": "BID",
"id": "59704"
},
{
"db": "IVD",
"id": "f4b83222-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-60686"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-0684",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-13-113-01",
"trust": 3.1
},
{
"db": "BID",
"id": "59704",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-201305-141",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-05026",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002603",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "53308",
"trust": 0.6
},
{
"db": "IVD",
"id": "F4B83222-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-60686",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "f4b83222-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05026"
},
{
"db": "VULHUB",
"id": "VHN-60686"
},
{
"db": "BID",
"id": "59704"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002603"
},
{
"db": "NVD",
"id": "CVE-2013-0684"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-141"
}
]
},
"id": "VAR-201305-0088",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "f4b83222-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05026"
},
{
"db": "VULHUB",
"id": "VHN-60686"
}
],
"trust": 1.6211111
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "f4b83222-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05026"
}
]
},
"last_update_date": "2023-12-18T12:09:22.104000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/en/pages/default.aspx"
},
{
"title": "Wonderware \u65e5\u672c\u306e\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/jppartnerssi.aspx"
},
{
"title": "\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_hardwarepartners.aspx"
},
{
"title": "\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_softwarepartners.aspx"
},
{
"title": "Wonderware Top Page",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/home.aspx"
},
{
"title": "Patch for Invensys Wonderware Information Server SQL Injection Vulnerability (CNVD-2013-05026)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/33854"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-05026"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002603"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60686"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002603"
},
{
"db": "NVD",
"id": "CVE-2013-0684"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-13-113-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0684"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0684"
},
{
"trust": 0.6,
"url": "http://www.linuxidc.com/linux/2013-05/84035.htm"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/53308"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/59704"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-05026"
},
{
"db": "VULHUB",
"id": "VHN-60686"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002603"
},
{
"db": "NVD",
"id": "CVE-2013-0684"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-141"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "f4b83222-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05026"
},
{
"db": "VULHUB",
"id": "VHN-60686"
},
{
"db": "BID",
"id": "59704"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002603"
},
{
"db": "NVD",
"id": "CVE-2013-0684"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-141"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-09T00:00:00",
"db": "IVD",
"id": "f4b83222-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-05026"
},
{
"date": "2013-05-09T00:00:00",
"db": "VULHUB",
"id": "VHN-60686"
},
{
"date": "2013-05-07T00:00:00",
"db": "BID",
"id": "59704"
},
{
"date": "2013-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002603"
},
{
"date": "2013-05-09T12:31:18.950000",
"db": "NVD",
"id": "CVE-2013-0684"
},
{
"date": "2013-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201305-141"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-05026"
},
{
"date": "2013-05-09T00:00:00",
"db": "VULHUB",
"id": "VHN-60686"
},
{
"date": "2013-05-07T00:00:00",
"db": "BID",
"id": "59704"
},
{
"date": "2013-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002603"
},
{
"date": "2013-05-09T12:31:18.950000",
"db": "NVD",
"id": "CVE-2013-0684"
},
{
"date": "2013-05-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201305-141"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201305-141"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware Information Server In SQL Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002603"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection",
"sources": [
{
"db": "IVD",
"id": "f4b83222-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-141"
}
],
"trust": 0.8
}
}
VAR-201305-0089
Vulnerability from variot - Updated: 2023-12-18 12:09Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal does not restrict unspecified size and amount values, which allows remote attackers to execute arbitrary code or cause a denial of service (resource consumption) via unknown vectors. Invensys Wonderware Information Server is a graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. Invensys Wonderware Information Server is prone to a denial-of-service vulnerability. Successful exploits may allow an attacker to trigger high CPU consumption and make the application unresponsive. Note that this issue could be exploited to execute arbitrary code, however, Symantec has not been confirmed. The following versions are vulnerable: Wonderware Information Server 4.0 SP1 Wonderware Information Server 4.5 Portal Wonderware Information Server 5.0 Portal. Through the network solution, this product can conveniently display the factory performance indicators and production data to the operation, operation and maintenance and engineering personnel, and is widely used in petroleum, natural gas, chemical and other industries
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201305-0089",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "5.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server sp1",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server portal",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "4.0 sp1sp1"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "4.5- portal"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "5.0- portal"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "4.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "5.0"
}
],
"sources": [
{
"db": "IVD",
"id": "f4b1e066-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05052"
},
{
"db": "BID",
"id": "59709"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002604"
},
{
"db": "NVD",
"id": "CVE-2013-0685"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-137"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.5:-:portal:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:5.0:-:portal:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0685"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Timur Yunusov, Alexey Osipov, and Ilya Karpov of the Positive Technologies Research Team",
"sources": [
{
"db": "BID",
"id": "59709"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-137"
}
],
"trust": 0.9
},
"cve": "CVE-2013-0685",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-0685",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2013-05052",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "f4b1e066-2352-11e6-abef-000c29c66e3d",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-60687",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-0685",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-05052",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201305-137",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "f4b1e066-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-60687",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "f4b1e066-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05052"
},
{
"db": "VULHUB",
"id": "VHN-60687"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002604"
},
{
"db": "NVD",
"id": "CVE-2013-0685"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-137"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal does not restrict unspecified size and amount values, which allows remote attackers to execute arbitrary code or cause a denial of service (resource consumption) via unknown vectors. Invensys Wonderware Information Server is a graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. Invensys Wonderware Information Server is prone to a denial-of-service vulnerability. \nSuccessful exploits may allow an attacker to trigger high CPU consumption and make the application unresponsive. Note that this issue could be exploited to execute arbitrary code, however, Symantec has not been confirmed. \nThe following versions are vulnerable:\nWonderware Information Server 4.0 SP1\nWonderware Information Server 4.5 Portal\nWonderware Information Server 5.0 Portal. Through the network solution, this product can conveniently display the factory performance indicators and production data to the operation, operation and maintenance and engineering personnel, and is widely used in petroleum, natural gas, chemical and other industries",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0685"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002604"
},
{
"db": "CNVD",
"id": "CNVD-2013-05052"
},
{
"db": "BID",
"id": "59709"
},
{
"db": "IVD",
"id": "f4b1e066-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-60687"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-0685",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-13-113-01",
"trust": 3.4
},
{
"db": "BID",
"id": "59709",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-201305-137",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-05052",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002604",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "53308",
"trust": 0.6
},
{
"db": "IVD",
"id": "F4B1E066-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-60687",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "f4b1e066-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05052"
},
{
"db": "VULHUB",
"id": "VHN-60687"
},
{
"db": "BID",
"id": "59709"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002604"
},
{
"db": "NVD",
"id": "CVE-2013-0685"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-137"
}
]
},
"id": "VAR-201305-0089",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "f4b1e066-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05052"
},
{
"db": "VULHUB",
"id": "VHN-60687"
}
],
"trust": 1.6211111
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "f4b1e066-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05052"
}
]
},
"last_update_date": "2023-12-18T12:09:22.066000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/en/pages/default.aspx"
},
{
"title": "Wonderware \u65e5\u672c\u306e\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/jppartnerssi.aspx"
},
{
"title": "\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_hardwarepartners.aspx"
},
{
"title": "\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_softwarepartners.aspx"
},
{
"title": "Wonderware Top Page",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/home.aspx"
},
{
"title": "Patch for Invensys Wonderware Information Server Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/33856"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-05052"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002604"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60687"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002604"
},
{
"db": "NVD",
"id": "CVE-2013-0685"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-13-113-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0685"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0685"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/53308"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/59709"
},
{
"trust": 0.3,
"url": "http://global.wonderware.com/en/pages/wonderwareinformationserver.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-05052"
},
{
"db": "VULHUB",
"id": "VHN-60687"
},
{
"db": "BID",
"id": "59709"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002604"
},
{
"db": "NVD",
"id": "CVE-2013-0685"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-137"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "f4b1e066-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05052"
},
{
"db": "VULHUB",
"id": "VHN-60687"
},
{
"db": "BID",
"id": "59709"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002604"
},
{
"db": "NVD",
"id": "CVE-2013-0685"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-137"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-10T00:00:00",
"db": "IVD",
"id": "f4b1e066-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-05052"
},
{
"date": "2013-05-09T00:00:00",
"db": "VULHUB",
"id": "VHN-60687"
},
{
"date": "2013-05-07T00:00:00",
"db": "BID",
"id": "59709"
},
{
"date": "2013-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002604"
},
{
"date": "2013-05-09T12:31:18.970000",
"db": "NVD",
"id": "CVE-2013-0685"
},
{
"date": "2013-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201305-137"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-05052"
},
{
"date": "2013-05-09T00:00:00",
"db": "VULHUB",
"id": "VHN-60687"
},
{
"date": "2013-05-07T00:00:00",
"db": "BID",
"id": "59709"
},
{
"date": "2013-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002604"
},
{
"date": "2013-05-09T12:31:18.970000",
"db": "NVD",
"id": "CVE-2013-0685"
},
{
"date": "2013-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201305-137"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201305-137"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware Information Server Denial of service vulnerability",
"sources": [
{
"db": "IVD",
"id": "f4b1e066-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05052"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-137"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201305-137"
}
],
"trust": 0.6
}
}
VAR-201305-0091
Vulnerability from variot - Updated: 2023-12-18 12:09Cross-site scripting (XSS) vulnerability in Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Invensys Wonderware Information Server can centrally reflect web management solutions for production management. There are security vulnerabilities in the implementation of Wonderware Information Server 4.0 SP1, Wonderware Information Server 4.5 Portal, and Wonderware Information Server 5.0 Portal. An attacker could exploit this vulnerability to execute arbitrary script code in the user's browser of the affected site context. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Through the network solution, this product can conveniently display the factory performance indicators and production data to the operation, operation and maintenance and engineering personnel, and is widely used in petroleum, natural gas, chemical and other industries
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201305-0091",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "5.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server sp1",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server portal",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "4.0 sp1sp1"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "4.5- portal"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "5.0- portal"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "4.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "5.0"
}
],
"sources": [
{
"db": "IVD",
"id": "f46b7928-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05027"
},
{
"db": "BID",
"id": "59703"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002606"
},
{
"db": "NVD",
"id": "CVE-2013-0688"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-142"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:5.0:-:portal:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.5:-:portal:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0688"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Timur Yunusov, Alexey Osipov, and Ilya Karpov of the Positive Technologies Research Team",
"sources": [
{
"db": "BID",
"id": "59703"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-142"
}
],
"trust": 0.9
},
"cve": "CVE-2013-0688",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-0688",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2013-05027",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "f46b7928-2352-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-60690",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-0688",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-05027",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201305-142",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "f46b7928-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-60690",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "f46b7928-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05027"
},
{
"db": "VULHUB",
"id": "VHN-60690"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002606"
},
{
"db": "NVD",
"id": "CVE-2013-0688"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-142"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Invensys Wonderware Information Server can centrally reflect web management solutions for production management. There are security vulnerabilities in the implementation of Wonderware Information Server 4.0 SP1, Wonderware Information Server 4.5 Portal, and Wonderware Information Server 5.0 Portal. An attacker could exploit this vulnerability to execute arbitrary script code in the user\u0027s browser of the affected site context. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Through the network solution, this product can conveniently display the factory performance indicators and production data to the operation, operation and maintenance and engineering personnel, and is widely used in petroleum, natural gas, chemical and other industries",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0688"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002606"
},
{
"db": "CNVD",
"id": "CNVD-2013-05027"
},
{
"db": "BID",
"id": "59703"
},
{
"db": "IVD",
"id": "f46b7928-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-60690"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-0688",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-13-113-01",
"trust": 3.4
},
{
"db": "BID",
"id": "59703",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-201305-142",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-05027",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002606",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "53308",
"trust": 0.6
},
{
"db": "IVD",
"id": "F46B7928-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-60690",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "f46b7928-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05027"
},
{
"db": "VULHUB",
"id": "VHN-60690"
},
{
"db": "BID",
"id": "59703"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002606"
},
{
"db": "NVD",
"id": "CVE-2013-0688"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-142"
}
]
},
"id": "VAR-201305-0091",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "f46b7928-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05027"
},
{
"db": "VULHUB",
"id": "VHN-60690"
}
],
"trust": 1.6211111
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "f46b7928-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05027"
}
]
},
"last_update_date": "2023-12-18T12:09:22.023000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://global.wonderware.com/en/pages/default.aspx"
},
{
"title": "Wonderware \u65e5\u672c\u306e\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://global.wonderware.com/jp/pages/jppartnerssi.aspx"
},
{
"title": "\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_hardwarepartners.aspx"
},
{
"title": "\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/iom_softwarepartners.aspx"
},
{
"title": "Wonderware Top Page",
"trust": 0.8,
"url": "http://iom.invensys.com/jp/pages/home.aspx"
},
{
"title": "Patch for Invensys Wonderware Information Server Cross-Site Scripting Vulnerability (CNVD-2013-05027)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/33855"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-05027"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002606"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60690"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002606"
},
{
"db": "NVD",
"id": "CVE-2013-0688"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-13-113-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0688"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0688"
},
{
"trust": 0.6,
"url": "http://www.linuxidc.com/linux/2013-05/84034.htm"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/53308"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/59703"
},
{
"trust": 0.3,
"url": "http://global.wonderware.com/en/pages/wonderwareinformationserver.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-05027"
},
{
"db": "VULHUB",
"id": "VHN-60690"
},
{
"db": "BID",
"id": "59703"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002606"
},
{
"db": "NVD",
"id": "CVE-2013-0688"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-142"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "f46b7928-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-05027"
},
{
"db": "VULHUB",
"id": "VHN-60690"
},
{
"db": "BID",
"id": "59703"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002606"
},
{
"db": "NVD",
"id": "CVE-2013-0688"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-142"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-09T00:00:00",
"db": "IVD",
"id": "f46b7928-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-05027"
},
{
"date": "2013-05-09T00:00:00",
"db": "VULHUB",
"id": "VHN-60690"
},
{
"date": "2013-05-07T00:00:00",
"db": "BID",
"id": "59703"
},
{
"date": "2013-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002606"
},
{
"date": "2013-05-09T12:31:19.010000",
"db": "NVD",
"id": "CVE-2013-0688"
},
{
"date": "2013-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201305-142"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-05027"
},
{
"date": "2013-05-09T00:00:00",
"db": "VULHUB",
"id": "VHN-60690"
},
{
"date": "2013-05-07T00:00:00",
"db": "BID",
"id": "59703"
},
{
"date": "2013-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002606"
},
{
"date": "2013-05-09T12:31:19.010000",
"db": "NVD",
"id": "CVE-2013-0688"
},
{
"date": "2013-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201305-142"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201305-142"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Invensys Wonderware Information Server Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002606"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201305-142"
}
],
"trust": 0.6
}
}
VAR-201408-0102
Vulnerability from variot - Updated: 2023-12-18 12:07Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file. Supplementary information : CWE Vulnerability type by CWE-326: Inadequate Encryption Strength ( Incorrect cipher strength ) Has been identified. http://cwe.mitre.org/data/definitions/326.htmlIf a third party reads the authentication information file, important information may be obtained. Invensys Wonderware Information Server is a graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. This may lead to other attacks. The program supports dashboards, pre-designed industrial activity reports, etc., and provides processes for analysis or write-back mechanisms
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201408-0102",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "5.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "5.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "portal 4.0 sp1 to 5.5"
},
{
"model": "wonderware information server",
"scope": null,
"trust": 0.6,
"vendor": "invensys",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware information server",
"version": "4.0"
},
{
"model": "wonderware information server portal",
"scope": "eq",
"trust": 0.3,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "invensys",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "4.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "5.5"
}
],
"sources": [
{
"db": "IVD",
"id": "29212e84-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05274"
},
{
"db": "BID",
"id": "69415"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003982"
},
{
"db": "NVD",
"id": "CVE-2014-2381"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-429"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:5.5:*:*:*:portal:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.5:-:portal:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:5.0:-:portal:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:portal:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2381"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Timur Yunusov, Ilya Karpov, Sergey Gordeychik, Alexey Osipov, and Dmitry Serebryannikov of the Positive Technologies Research Team",
"sources": [
{
"db": "BID",
"id": "69415"
}
],
"trust": 0.3
},
"cve": "CVE-2014-2381",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-2381",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2014-05274",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "29212e84-2352-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-70320",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-2381",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNVD",
"id": "CNVD-2014-05274",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201408-429",
"trust": 0.6,
"value": "LOW"
},
{
"author": "IVD",
"id": "29212e84-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-70320",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "29212e84-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05274"
},
{
"db": "VULHUB",
"id": "VHN-70320"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003982"
},
{
"db": "NVD",
"id": "CVE-2014-2381"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-429"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file. Supplementary information : CWE Vulnerability type by CWE-326: Inadequate Encryption Strength ( Incorrect cipher strength ) Has been identified. http://cwe.mitre.org/data/definitions/326.htmlIf a third party reads the authentication information file, important information may be obtained. Invensys Wonderware Information Server is a graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. This may lead to other attacks. The program supports dashboards, pre-designed industrial activity reports, etc., and provides processes for analysis or write-back mechanisms",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2381"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003982"
},
{
"db": "CNVD",
"id": "CNVD-2014-05274"
},
{
"db": "BID",
"id": "69415"
},
{
"db": "IVD",
"id": "29212e84-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-70320"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-2381",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-14-238-02",
"trust": 3.4
},
{
"db": "BID",
"id": "69415",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201408-429",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2014-05274",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003982",
"trust": 0.8
},
{
"db": "IVD",
"id": "29212E84-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-70320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128111",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "29212e84-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05274"
},
{
"db": "VULHUB",
"id": "VHN-70320"
},
{
"db": "BID",
"id": "69415"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003982"
},
{
"db": "PACKETSTORM",
"id": "128111"
},
{
"db": "NVD",
"id": "CVE-2014-2381"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-429"
}
]
},
"id": "VAR-201408-0102",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "29212e84-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05274"
},
{
"db": "VULHUB",
"id": "VHN-70320"
}
],
"trust": 1.6211111
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "29212e84-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05274"
}
]
},
"last_update_date": "2023-12-18T12:07:58.685000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Wonderware Information Server",
"trust": 0.8,
"url": "http://software.invensys.com/products/wonderware/production-information-management/information-server/"
},
{
"title": "Patch for Invensys Wonderware Information Server Weak Password Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/49398"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05274"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003982"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003982"
},
{
"db": "NVD",
"id": "CVE-2014-2381"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-238-02"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2381"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2381"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/69415"
},
{
"trust": 0.3,
"url": "http://global.wonderware.com/en/pages/wonderwareinformationserver.aspx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5398"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5399"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5397"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2381"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2380"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05274"
},
{
"db": "VULHUB",
"id": "VHN-70320"
},
{
"db": "BID",
"id": "69415"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003982"
},
{
"db": "PACKETSTORM",
"id": "128111"
},
{
"db": "NVD",
"id": "CVE-2014-2381"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-429"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "29212e84-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05274"
},
{
"db": "VULHUB",
"id": "VHN-70320"
},
{
"db": "BID",
"id": "69415"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003982"
},
{
"db": "PACKETSTORM",
"id": "128111"
},
{
"db": "NVD",
"id": "CVE-2014-2381"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-429"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-08-28T00:00:00",
"db": "IVD",
"id": "29212e84-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2014-08-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-05274"
},
{
"date": "2014-08-28T00:00:00",
"db": "VULHUB",
"id": "VHN-70320"
},
{
"date": "2014-08-26T00:00:00",
"db": "BID",
"id": "69415"
},
{
"date": "2014-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003982"
},
{
"date": "2014-09-01T14:55:55",
"db": "PACKETSTORM",
"id": "128111"
},
{
"date": "2014-08-28T01:55:03.200000",
"db": "NVD",
"id": "CVE-2014-2381"
},
{
"date": "2014-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-429"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-08-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-05274"
},
{
"date": "2014-08-28T00:00:00",
"db": "VULHUB",
"id": "VHN-70320"
},
{
"date": "2015-03-19T08:38:00",
"db": "BID",
"id": "69415"
},
{
"date": "2014-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003982"
},
{
"date": "2014-08-28T15:07:20.013000",
"db": "NVD",
"id": "CVE-2014-2381"
},
{
"date": "2014-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-429"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "69415"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-429"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric Wonderware Information Server Vulnerability in which important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003982"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "69415"
}
],
"trust": 0.3
}
}
VAR-201408-0101
Vulnerability from variot - Updated: 2023-12-18 12:07Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file. Supplementary information : CWE Vulnerability types by CWE-326: Inadequate Encryption Strength ( Incorrect cipher strength ) Has been identified. http://cwe.mitre.org/data/definitions/326.htmlBy reading the authentication information file, a third party may obtain important information. Wonderware Information Server easily integrates factory performance metrics and operations, maintenance, and engineering production data collection and display through a network solution. Attackers use vulnerabilities to view encrypted data and obtain sensitive information. This may lead to other attacks. The program supports dashboards, pre-designed industrial activity reports, etc., and provides processes for analysis or write-back mechanisms
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201408-0101",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "5.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "5.5"
},
{
"model": "wonderware information server sp1",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server portal",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "portal 4.0 sp1 to 5.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware information server",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "4.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "5.5"
}
],
"sources": [
{
"db": "IVD",
"id": "2928f826-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05282"
},
{
"db": "BID",
"id": "69414"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003981"
},
{
"db": "NVD",
"id": "CVE-2014-2380"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-428"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:portal:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:5.5:*:*:*:portal:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:5.0:-:portal:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.5:-:portal:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2380"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Timur Yunusov, Ilya Karpov, Sergey Gordeychik, Alexey Osipov, and Dmitry Serebryannikov of the Positive Technologies Research Team",
"sources": [
{
"db": "BID",
"id": "69414"
}
],
"trust": 0.3
},
"cve": "CVE-2014-2380",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.8,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2014-2380",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-05282",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "2928f826-2352-11e6-abef-000c29c66e3d",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-70319",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-2380",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2014-05282",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201408-428",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "2928f826-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-70319",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "2928f826-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05282"
},
{
"db": "VULHUB",
"id": "VHN-70319"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003981"
},
{
"db": "NVD",
"id": "CVE-2014-2380"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-428"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file. Supplementary information : CWE Vulnerability types by CWE-326: Inadequate Encryption Strength ( Incorrect cipher strength ) Has been identified. http://cwe.mitre.org/data/definitions/326.htmlBy reading the authentication information file, a third party may obtain important information. Wonderware Information Server easily integrates factory performance metrics and operations, maintenance, and engineering production data collection and display through a network solution. Attackers use vulnerabilities to view encrypted data and obtain sensitive information. This may lead to other attacks. The program supports dashboards, pre-designed industrial activity reports, etc., and provides processes for analysis or write-back mechanisms",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2380"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003981"
},
{
"db": "CNVD",
"id": "CNVD-2014-05282"
},
{
"db": "BID",
"id": "69414"
},
{
"db": "IVD",
"id": "2928f826-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-70319"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-2380",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-14-238-02",
"trust": 3.1
},
{
"db": "BID",
"id": "69414",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201408-428",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2014-05282",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003981",
"trust": 0.8
},
{
"db": "IVD",
"id": "2928F826-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "128111",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-70319",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "2928f826-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05282"
},
{
"db": "VULHUB",
"id": "VHN-70319"
},
{
"db": "BID",
"id": "69414"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003981"
},
{
"db": "PACKETSTORM",
"id": "128111"
},
{
"db": "NVD",
"id": "CVE-2014-2380"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-428"
}
]
},
"id": "VAR-201408-0101",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "2928f826-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05282"
},
{
"db": "VULHUB",
"id": "VHN-70319"
}
],
"trust": 1.6211111
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "2928f826-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05282"
}
]
},
"last_update_date": "2023-12-18T12:07:57.924000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Wonderware Information Server",
"trust": 0.8,
"url": "http://software.invensys.com/products/wonderware/production-information-management/information-server/"
},
{
"title": "Wonderware Information Server weak encryption vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/49430"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05282"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003981"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003981"
},
{
"db": "NVD",
"id": "CVE-2014-2380"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-238-02"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2380"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2380"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/69414/discuss"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5398"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5399"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5397"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2381"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2380"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05282"
},
{
"db": "VULHUB",
"id": "VHN-70319"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003981"
},
{
"db": "PACKETSTORM",
"id": "128111"
},
{
"db": "NVD",
"id": "CVE-2014-2380"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-428"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "2928f826-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05282"
},
{
"db": "VULHUB",
"id": "VHN-70319"
},
{
"db": "BID",
"id": "69414"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003981"
},
{
"db": "PACKETSTORM",
"id": "128111"
},
{
"db": "NVD",
"id": "CVE-2014-2380"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-428"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-08-28T00:00:00",
"db": "IVD",
"id": "2928f826-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2014-08-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-05282"
},
{
"date": "2014-08-28T00:00:00",
"db": "VULHUB",
"id": "VHN-70319"
},
{
"date": "2014-08-26T00:00:00",
"db": "BID",
"id": "69414"
},
{
"date": "2014-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003981"
},
{
"date": "2014-09-01T14:55:55",
"db": "PACKETSTORM",
"id": "128111"
},
{
"date": "2014-08-28T01:55:03.123000",
"db": "NVD",
"id": "CVE-2014-2380"
},
{
"date": "2014-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-428"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-08-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-05282"
},
{
"date": "2014-08-28T00:00:00",
"db": "VULHUB",
"id": "VHN-70319"
},
{
"date": "2015-03-19T09:12:00",
"db": "BID",
"id": "69414"
},
{
"date": "2014-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003981"
},
{
"date": "2014-08-28T15:01:59.097000",
"db": "NVD",
"id": "CVE-2014-2380"
},
{
"date": "2014-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-428"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201408-428"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric Wonderware Information Server Vulnerability where important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003981"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "69414"
}
],
"trust": 0.3
}
}
VAR-201408-0350
Vulnerability from variot - Updated: 2023-12-18 12:07Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to read arbitrary files or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Schneider Electric Wonderware Information Server (WIS) Any file can be read or service disruption (DoS) There are vulnerabilities that are put into a state. Invensys Wonderware Information Server is a graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. Invensys Wonderware Information Server has an information disclosure vulnerability that can be exploited by local attackers to obtain sensitive information. The program supports dashboards, pre-designed industrial activity reports, etc., and provides processes for analysis or write-back mechanisms. A security vulnerability exists in Schneider Electric WIS Portal versions 4.0 SP1 to 5.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201408-0350",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "5.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "5.5"
},
{
"model": "wonderware information server sp1",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server portal",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "portal 4.0 sp1 to 5.5"
},
{
"model": "wonderware information server portal",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "5.0"
},
{
"model": "wonderware information server portal",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "5.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware information server",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "4.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "5.5"
}
],
"sources": [
{
"db": "IVD",
"id": "dcecf3f4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05272"
},
{
"db": "BID",
"id": "69417"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003984"
},
{
"db": "NVD",
"id": "CVE-2014-5398"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-433"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.5:-:portal:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:5.0:-:portal:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:portal:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:5.5:*:*:*:portal:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-5398"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Timur Yunusov, Ilya Karpov, Sergey Gordeychik, Alexey Osipov, and Dmitry Serebryannikov of the Positive Technologies Research Team",
"sources": [
{
"db": "BID",
"id": "69417"
}
],
"trust": 0.3
},
"cve": "CVE-2014-5398",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-5398",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2014-05272",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "dcecf3f4-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-73339",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-5398",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNVD",
"id": "CNVD-2014-05272",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201408-433",
"trust": 0.6,
"value": "LOW"
},
{
"author": "IVD",
"id": "dcecf3f4-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-73339",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "dcecf3f4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05272"
},
{
"db": "VULHUB",
"id": "VHN-73339"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003984"
},
{
"db": "NVD",
"id": "CVE-2014-5398"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-433"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to read arbitrary files or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Schneider Electric Wonderware Information Server (WIS) Any file can be read or service disruption (DoS) There are vulnerabilities that are put into a state. Invensys Wonderware Information Server is a graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. Invensys Wonderware Information Server has an information disclosure vulnerability that can be exploited by local attackers to obtain sensitive information. The program supports dashboards, pre-designed industrial activity reports, etc., and provides processes for analysis or write-back mechanisms. A security vulnerability exists in Schneider Electric WIS Portal versions 4.0 SP1 to 5.5",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-5398"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003984"
},
{
"db": "CNVD",
"id": "CNVD-2014-05272"
},
{
"db": "BID",
"id": "69417"
},
{
"db": "IVD",
"id": "dcecf3f4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-73339"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-5398",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-14-238-02",
"trust": 3.1
},
{
"db": "BID",
"id": "69417",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201408-433",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2014-05272",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003984",
"trust": 0.8
},
{
"db": "IVD",
"id": "DCECF3F4-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-73339",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128111",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "dcecf3f4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05272"
},
{
"db": "VULHUB",
"id": "VHN-73339"
},
{
"db": "BID",
"id": "69417"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003984"
},
{
"db": "PACKETSTORM",
"id": "128111"
},
{
"db": "NVD",
"id": "CVE-2014-5398"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-433"
}
]
},
"id": "VAR-201408-0350",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "dcecf3f4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05272"
},
{
"db": "VULHUB",
"id": "VHN-73339"
}
],
"trust": 1.6211111
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "dcecf3f4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05272"
}
]
},
"last_update_date": "2023-12-18T12:07:57.885000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Wonderware Information Server",
"trust": 0.8,
"url": "http://software.invensys.com/products/wonderware/production-information-management/information-server/"
},
{
"title": "Patch for Invensys Wonderware Information Server Information Disclosure Vulnerability (CNVD-2014-05272)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/49431"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05272"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003984"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-73339"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003984"
},
{
"db": "NVD",
"id": "CVE-2014-5398"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-238-02"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5398"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-5398"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/69417/info"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5398"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5399"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5397"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2381"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2380"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05272"
},
{
"db": "VULHUB",
"id": "VHN-73339"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003984"
},
{
"db": "PACKETSTORM",
"id": "128111"
},
{
"db": "NVD",
"id": "CVE-2014-5398"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-433"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "dcecf3f4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05272"
},
{
"db": "VULHUB",
"id": "VHN-73339"
},
{
"db": "BID",
"id": "69417"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003984"
},
{
"db": "PACKETSTORM",
"id": "128111"
},
{
"db": "NVD",
"id": "CVE-2014-5398"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-433"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-08-28T00:00:00",
"db": "IVD",
"id": "dcecf3f4-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-08-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-05272"
},
{
"date": "2014-08-28T00:00:00",
"db": "VULHUB",
"id": "VHN-73339"
},
{
"date": "2014-08-26T00:00:00",
"db": "BID",
"id": "69417"
},
{
"date": "2014-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003984"
},
{
"date": "2014-09-01T14:55:55",
"db": "PACKETSTORM",
"id": "128111"
},
{
"date": "2014-08-28T01:55:03.607000",
"db": "NVD",
"id": "CVE-2014-5398"
},
{
"date": "2014-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-433"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-08-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-05272"
},
{
"date": "2014-08-28T00:00:00",
"db": "VULHUB",
"id": "VHN-73339"
},
{
"date": "2014-08-26T00:00:00",
"db": "BID",
"id": "69417"
},
{
"date": "2014-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003984"
},
{
"date": "2014-08-28T15:22:13.070000",
"db": "NVD",
"id": "CVE-2014-5398"
},
{
"date": "2014-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-433"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "69417"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-433"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric Wonderware Information Server Vulnerable to reading arbitrary files",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003984"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation",
"sources": [
{
"db": "IVD",
"id": "dcecf3f4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-433"
}
],
"trust": 0.8
}
}
VAR-201408-0349
Vulnerability from variot - Updated: 2023-12-18 12:07Cross-site scripting (XSS) vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Invensys Wonderware Information Server is a graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. The following versions are vulnerable: Wonderware Information Server 4.0 SP1 Wonderware Information Server 4.5 Portal Wonderware Information Server 5.0 Portal Wonderware Information Server 5.5 Portal. The program supports dashboards, pre-designed industrial activity reports, etc., and provides processes for analysis or write-back mechanisms
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201408-0349",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "5.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "5.5"
},
{
"model": "wonderware information server sp1",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server portal",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "portal 4.0 sp1 to 5.5"
},
{
"model": "wonderware information server portal",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "5.0"
},
{
"model": "wonderware information server portal",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "5.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware information server",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "4.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "5.5"
}
],
"sources": [
{
"db": "IVD",
"id": "dbde3a0e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05271"
},
{
"db": "BID",
"id": "69418"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003983"
},
{
"db": "NVD",
"id": "CVE-2014-5397"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-432"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.5:-:portal:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:5.0:-:portal:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:portal:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:5.5:*:*:*:portal:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-5397"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Timur Yunusov, Ilya Karpov, Sergey Gordeychik, Alexey Osipov, and Dmitry Serebryannikov of the Positive Technologies Research Team",
"sources": [
{
"db": "BID",
"id": "69418"
}
],
"trust": 0.3
},
"cve": "CVE-2014-5397",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2014-5397",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-05271",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "dbde3a0e-2351-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-73338",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-5397",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2014-05271",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201408-432",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "dbde3a0e-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-73338",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-5397",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "dbde3a0e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05271"
},
{
"db": "VULHUB",
"id": "VHN-73338"
},
{
"db": "VULMON",
"id": "CVE-2014-5397"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003983"
},
{
"db": "NVD",
"id": "CVE-2014-5397"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-432"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Invensys Wonderware Information Server is a graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. \nThe following versions are vulnerable:\nWonderware Information Server 4.0 SP1\nWonderware Information Server 4.5 Portal\nWonderware Information Server 5.0 Portal\nWonderware Information Server 5.5 Portal. The program supports dashboards, pre-designed industrial activity reports, etc., and provides processes for analysis or write-back mechanisms",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-5397"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003983"
},
{
"db": "CNVD",
"id": "CNVD-2014-05271"
},
{
"db": "BID",
"id": "69418"
},
{
"db": "IVD",
"id": "dbde3a0e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-73338"
},
{
"db": "VULMON",
"id": "CVE-2014-5397"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-5397",
"trust": 3.8
},
{
"db": "ICS CERT",
"id": "ICSA-14-238-02",
"trust": 3.2
},
{
"db": "BID",
"id": "69418",
"trust": 2.1
},
{
"db": "CNNVD",
"id": "CNNVD-201408-432",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2014-05271",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003983",
"trust": 0.8
},
{
"db": "IVD",
"id": "DBDE3A0E-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-73338",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-5397",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128111",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "dbde3a0e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05271"
},
{
"db": "VULHUB",
"id": "VHN-73338"
},
{
"db": "VULMON",
"id": "CVE-2014-5397"
},
{
"db": "BID",
"id": "69418"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003983"
},
{
"db": "PACKETSTORM",
"id": "128111"
},
{
"db": "NVD",
"id": "CVE-2014-5397"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-432"
}
]
},
"id": "VAR-201408-0349",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "dbde3a0e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05271"
},
{
"db": "VULHUB",
"id": "VHN-73338"
}
],
"trust": 1.6211111
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "dbde3a0e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05271"
}
]
},
"last_update_date": "2023-12-18T12:07:57.838000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Wonderware Information Server",
"trust": 0.8,
"url": "http://software.invensys.com/products/wonderware/production-information-management/information-server/"
},
{
"title": "Patch for Invensys Wonderware Information Server Cross-Site Scripting Vulnerability (CNVD-2014-05271)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/49429"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05271"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003983"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-73338"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003983"
},
{
"db": "NVD",
"id": "CVE-2014-5397"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-238-02"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/69418"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5397"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-5397"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/69418/info"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5398"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5399"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5397"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2381"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2380"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05271"
},
{
"db": "VULHUB",
"id": "VHN-73338"
},
{
"db": "VULMON",
"id": "CVE-2014-5397"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003983"
},
{
"db": "PACKETSTORM",
"id": "128111"
},
{
"db": "NVD",
"id": "CVE-2014-5397"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-432"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "dbde3a0e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05271"
},
{
"db": "VULHUB",
"id": "VHN-73338"
},
{
"db": "VULMON",
"id": "CVE-2014-5397"
},
{
"db": "BID",
"id": "69418"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003983"
},
{
"db": "PACKETSTORM",
"id": "128111"
},
{
"db": "NVD",
"id": "CVE-2014-5397"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-432"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-08-28T00:00:00",
"db": "IVD",
"id": "dbde3a0e-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-08-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-05271"
},
{
"date": "2014-08-28T00:00:00",
"db": "VULHUB",
"id": "VHN-73338"
},
{
"date": "2014-08-28T00:00:00",
"db": "VULMON",
"id": "CVE-2014-5397"
},
{
"date": "2014-08-26T00:00:00",
"db": "BID",
"id": "69418"
},
{
"date": "2014-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003983"
},
{
"date": "2014-09-01T14:55:55",
"db": "PACKETSTORM",
"id": "128111"
},
{
"date": "2014-08-28T01:55:03.543000",
"db": "NVD",
"id": "CVE-2014-5397"
},
{
"date": "2014-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-432"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-08-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-05271"
},
{
"date": "2015-10-21T00:00:00",
"db": "VULHUB",
"id": "VHN-73338"
},
{
"date": "2015-10-21T00:00:00",
"db": "VULMON",
"id": "CVE-2014-5397"
},
{
"date": "2015-03-19T09:39:00",
"db": "BID",
"id": "69418"
},
{
"date": "2014-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003983"
},
{
"date": "2015-10-21T16:21:41.030000",
"db": "NVD",
"id": "CVE-2014-5397"
},
{
"date": "2014-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-432"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201408-432"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric Wonderware Information Server Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003983"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201408-432"
}
],
"trust": 0.6
}
}
VAR-201408-0351
Vulnerability from variot - Updated: 2023-12-18 12:07SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Invensys Wonderware Information Server can centrally reflect web management solutions for production management. Allows an attacker to compromise the application, access or modify data, or exploit potential vulnerabilities in the underlying database. The program supports dashboards, pre-designed industrial activity reports, etc., and provides processes for analysis or write-back mechanisms
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201408-0351",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "5.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "5.5"
},
{
"model": "wonderware information server sp1",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.0"
},
{
"model": "wonderware information server portal",
"scope": "eq",
"trust": 0.9,
"vendor": "invensys",
"version": "4.5"
},
{
"model": "wonderware information server",
"scope": "eq",
"trust": 0.8,
"vendor": "invensys",
"version": "portal 4.0 sp1 to 5.5"
},
{
"model": "wonderware information server portal",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "5.0"
},
{
"model": "wonderware information server portal",
"scope": "eq",
"trust": 0.6,
"vendor": "invensys",
"version": "5.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware information server",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "4.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wonderware information server",
"version": "5.5"
}
],
"sources": [
{
"db": "IVD",
"id": "dbdb76fc-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05273"
},
{
"db": "BID",
"id": "69416"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003985"
},
{
"db": "NVD",
"id": "CVE-2014-5399"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-434"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:5.0:-:portal:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:portal:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:5.5:*:*:*:portal:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.5:-:portal:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-5399"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Timur Yunusov, Ilya Karpov, Sergey Gordeychik, Alexey Osipov, and Dmitry Serebryannikov of the Positive Technologies Research Team",
"sources": [
{
"db": "BID",
"id": "69416"
}
],
"trust": 0.3
},
"cve": "CVE-2014-5399",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-5399",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-05273",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "dbdb76fc-2351-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-73340",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-5399",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2014-05273",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201408-434",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "dbdb76fc-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-73340",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "dbdb76fc-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05273"
},
{
"db": "VULHUB",
"id": "VHN-73340"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003985"
},
{
"db": "NVD",
"id": "CVE-2014-5399"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-434"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Invensys Wonderware Information Server can centrally reflect web management solutions for production management. Allows an attacker to compromise the application, access or modify data, or exploit potential vulnerabilities in the underlying database. The program supports dashboards, pre-designed industrial activity reports, etc., and provides processes for analysis or write-back mechanisms",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-5399"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003985"
},
{
"db": "CNVD",
"id": "CNVD-2014-05273"
},
{
"db": "BID",
"id": "69416"
},
{
"db": "IVD",
"id": "dbdb76fc-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-73340"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-5399",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-14-238-02",
"trust": 3.4
},
{
"db": "BID",
"id": "69416",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-201408-434",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2014-05273",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003985",
"trust": 0.8
},
{
"db": "IVD",
"id": "DBDB76FC-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-73340",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128111",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "dbdb76fc-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05273"
},
{
"db": "VULHUB",
"id": "VHN-73340"
},
{
"db": "BID",
"id": "69416"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003985"
},
{
"db": "PACKETSTORM",
"id": "128111"
},
{
"db": "NVD",
"id": "CVE-2014-5399"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-434"
}
]
},
"id": "VAR-201408-0351",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "dbdb76fc-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05273"
},
{
"db": "VULHUB",
"id": "VHN-73340"
}
],
"trust": 1.6211111
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "dbdb76fc-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05273"
}
]
},
"last_update_date": "2023-12-18T12:07:57.798000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Wonderware Information Server",
"trust": 0.8,
"url": "http://software.invensys.com/products/wonderware/production-information-management/information-server/"
},
{
"title": "Patch for Invensys Wonderware Information Server SQL Injection Vulnerability (CNVD-2014-05273)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/49432"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05273"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003985"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-73340"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003985"
},
{
"db": "NVD",
"id": "CVE-2014-5399"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-238-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/69416"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5399"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-5399"
},
{
"trust": 0.3,
"url": "http://global.wonderware.com/en/pages/wonderwareinformationserver.aspx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5398"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5399"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5397"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2381"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2380"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05273"
},
{
"db": "VULHUB",
"id": "VHN-73340"
},
{
"db": "BID",
"id": "69416"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003985"
},
{
"db": "PACKETSTORM",
"id": "128111"
},
{
"db": "NVD",
"id": "CVE-2014-5399"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-434"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "dbdb76fc-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05273"
},
{
"db": "VULHUB",
"id": "VHN-73340"
},
{
"db": "BID",
"id": "69416"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003985"
},
{
"db": "PACKETSTORM",
"id": "128111"
},
{
"db": "NVD",
"id": "CVE-2014-5399"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-434"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-08-28T00:00:00",
"db": "IVD",
"id": "dbdb76fc-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-08-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-05273"
},
{
"date": "2014-08-28T00:00:00",
"db": "VULHUB",
"id": "VHN-73340"
},
{
"date": "2014-08-26T00:00:00",
"db": "BID",
"id": "69416"
},
{
"date": "2014-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003985"
},
{
"date": "2014-09-01T14:55:55",
"db": "PACKETSTORM",
"id": "128111"
},
{
"date": "2014-08-28T01:55:03.653000",
"db": "NVD",
"id": "CVE-2014-5399"
},
{
"date": "2014-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-434"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-08-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-05273"
},
{
"date": "2015-11-02T00:00:00",
"db": "VULHUB",
"id": "VHN-73340"
},
{
"date": "2015-03-19T09:15:00",
"db": "BID",
"id": "69416"
},
{
"date": "2014-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003985"
},
{
"date": "2015-11-02T18:06:00.560000",
"db": "NVD",
"id": "CVE-2014-5399"
},
{
"date": "2014-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-434"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201408-434"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric Wonderware Information Server In SQL Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003985"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection",
"sources": [
{
"db": "IVD",
"id": "dbdb76fc-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-434"
}
],
"trust": 0.8
}
}
CVE-2014-5399 (GCVE-0-2014-5399)
Vulnerability from nvd – Published: 2014-08-28 01:00 – Updated: 2025-10-31 23:17
VLAI
Title
Schneider Electric Wonderware SQL Injection
Summary
SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Severity
No CVSS data available.
CWE
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.cisa.gov/news-events/ics-advisories/i… | |
| https://github.com/cisagov/CSAF/blob/develop/csaf… | |
| https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02 | x_refsource_MISCx_transferred |
| http://www.securityfocus.com/bid/69416 | vdb-entryx_refsource_BIDx_transferred |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Schneider Electric | Wonderware Information Server Portal |
Affected:
4.0 SP1
Affected: 4.5 Affected: 5.0 Affected: 5.5 |
Date Public
2014-08-26 06:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:41:49.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02"
},
{
"name": "69416",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/69416"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Wonderware Information Server Portal",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "4.0 SP1"
},
{
"status": "affected",
"version": "4.5"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.5"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider_electric:wonderware_information_server_portal:4.0_sp1:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:schneider_electric:wonderware_information_server_portal:4.5:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:schneider_electric:wonderware_information_server_portal:5.0:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:schneider_electric:wonderware_information_server_portal:5.5:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Timur Yunusov, Ilya Karpov, Sergey Gordeychik, Alexey Osipov, and Dmitry Serebryannikov of the Positive Technologies Research Team"
}
],
"datePublic": "2014-08-26T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
],
"value": "SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
],
"metrics": [
{
"cvssV2_0": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T23:17:37.919Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-238-02"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2014/icsa-14-238-02.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSchneider Electric has created an update for WIS web pages and \ncomponents to address the vulnerabilities listed in this advisory. \nCustomers using all versions of WIS are affected and should upgrade to \nWIS Version 5.5 and then apply the security update.\u003c/p\u003e\n\u003cp\u003eCustomers using the affected versions of WIS should set the security \nlevel settings in the Internet browser to \u201cMedium \u2013 High\u201d to minimize \nthe risks presented by these vulnerabilities. In addition, the \nWonderware Information Server Portal can be configured to use HTTPS that\n will require additional steps as documented in the products user \ndocumentation.\u003c/p\u003e\n\u003cp\u003eSchneider Electric has released a security bulletin titled \u201cMultiple \nVulnerabilities in Wonderware Information Server LFSEC00000102\u201d to \nannounce the security update, which is available at the following \nlocation:\u003c/p\u003e\n\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://gcsresource.invensys.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000102.pdf\"\u003ehttps://gcsresource.invensys.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000102.pdf\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Schneider Electric has created an update for WIS web pages and \ncomponents to address the vulnerabilities listed in this advisory. \nCustomers using all versions of WIS are affected and should upgrade to \nWIS Version 5.5 and then apply the security update.\n\n\nCustomers using the affected versions of WIS should set the security \nlevel settings in the Internet browser to \u201cMedium \u2013 High\u201d to minimize \nthe risks presented by these vulnerabilities. In addition, the \nWonderware Information Server Portal can be configured to use HTTPS that\n will require additional steps as documented in the products user \ndocumentation.\n\n\nSchneider Electric has released a security bulletin titled \u201cMultiple \nVulnerabilities in Wonderware Information Server LFSEC00000102\u201d to \nannounce the security update, which is available at the following \nlocation:\n\n\n https://gcsresource.invensys.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000102.pdf"
}
],
"source": {
"advisory": "ICSA-14-238-02",
"discovery": "EXTERNAL"
},
"title": "Schneider Electric Wonderware SQL Injection",
"x_generator": {
"engine": "Vulnogram 0.4.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-2380",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2014-5399",
"datePublished": "2014-08-28T01:00:00.000Z",
"dateReserved": "2014-08-22T00:00:00.000Z",
"dateUpdated": "2025-10-31T23:17:37.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}