var-201308-0167
Vulnerability from variot
Schneider Electric Vijeo Citect 7.20 and earlier, CitectSCADA 7.20 and earlier, and PowerLogic SCADA 7.20 and earlier allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Schneider Electric provides total solutions for the energy and infrastructure, industrial, data center and network, building and residential markets in more than 100 countries. Multiple Schneider Electric products have security vulnerabilities that allow attackers to exploit vulnerabilities to obtain sensitive information or to perform denial of service attacks. Vulnerability-related errors with XML external entity references allow an attacker to submit specially crafted XML data that specifically references external resources, obtain sensitive information from local resources, or perform denial of service attacks. A remote attacker can exploit a vulnerability to gain sensitive information or perform a denial of service attack. Multiple Schneider Electric products are prone to an information-disclosure vulnerability. The following products are affected: Vijeo Citect 7.20 and prior CitectSCADA 7.20 and prior PowerLogic SCADA 7.20 and prior. Schneider Electric Vijeo Citect, CitectSCADA, and PowerLogic SCADA are software from Schneider Electric, France, that provide monitoring and control functions in supervisory control and data acquisition systems (SCADA)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201308-0167",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "citectscada",
"scope": "lte",
"trust": 1.8,
"vendor": "schneider electric",
"version": "7.20"
},
{
"model": "powerlogic scada",
"scope": "lte",
"trust": 1.8,
"vendor": "schneider electric",
"version": "7.20"
},
{
"model": "vijeo citect",
"scope": "lte",
"trust": 1.8,
"vendor": "schneider electric",
"version": "7.20"
},
{
"model": "powerlogic scada",
"scope": "eq",
"trust": 1.6,
"vendor": "schneider electric",
"version": "7.10"
},
{
"model": "vijeo citect",
"scope": "eq",
"trust": 1.6,
"vendor": "schneider electric",
"version": "7.10"
},
{
"model": "citectscada",
"scope": "eq",
"trust": 1.6,
"vendor": "schneider electric",
"version": "7.10"
},
{
"model": "electric vijeo citect",
"scope": "eq",
"trust": 0.9,
"vendor": "schneider",
"version": "7.20"
},
{
"model": "electric citectscada",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "7.20"
},
{
"model": "electric powerlogic scada",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "7.20"
},
{
"model": "powerlogic scada",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider electric",
"version": "7.20"
},
{
"model": "vijeo citect",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider electric",
"version": "7.20"
},
{
"model": "citectscada",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider electric",
"version": "7.20"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "citectscada",
"version": "7.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "citectscada",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "powerlogic scada",
"version": "7.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "powerlogic scada",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vijeo citect",
"version": "7.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vijeo citect",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "c95a4b10-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11763"
},
{
"db": "BID",
"id": "61598"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003715"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-141"
},
{
"db": "NVD",
"id": "CVE-2013-2796"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:schneider_electric:citectscada",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:powerlogic_scada",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:vijeo_citect",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003715"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Timur Yunusov, Alexey Osipov and Ilya Karpov of Positive Technologies",
"sources": [
{
"db": "BID",
"id": "61598"
}
],
"trust": 0.3
},
"cve": "CVE-2013-2796",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2013-2796",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CNVD-2013-11763",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "c95a4b10-2352-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-62798",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-2796",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-2796",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2013-11763",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201308-141",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "c95a4b10-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-62798",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "c95a4b10-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11763"
},
{
"db": "VULHUB",
"id": "VHN-62798"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003715"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-141"
},
{
"db": "NVD",
"id": "CVE-2013-2796"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric Vijeo Citect 7.20 and earlier, CitectSCADA 7.20 and earlier, and PowerLogic SCADA 7.20 and earlier allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Schneider Electric provides total solutions for the energy and infrastructure, industrial, data center and network, building and residential markets in more than 100 countries. Multiple Schneider Electric products have security vulnerabilities that allow attackers to exploit vulnerabilities to obtain sensitive information or to perform denial of service attacks. Vulnerability-related errors with XML external entity references allow an attacker to submit specially crafted XML data that specifically references external resources, obtain sensitive information from local resources, or perform denial of service attacks. A remote attacker can exploit a vulnerability to gain sensitive information or perform a denial of service attack. Multiple Schneider Electric products are prone to an information-disclosure vulnerability. \nThe following products are affected:\nVijeo Citect 7.20 and prior\nCitectSCADA 7.20 and prior\nPowerLogic SCADA 7.20 and prior. Schneider Electric Vijeo Citect, CitectSCADA, and PowerLogic SCADA are software from Schneider Electric, France, that provide monitoring and control functions in supervisory control and data acquisition systems (SCADA)",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2796"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003715"
},
{
"db": "CNVD",
"id": "CNVD-2013-11763"
},
{
"db": "BID",
"id": "61598"
},
{
"db": "IVD",
"id": "c95a4b10-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-62798"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-2796",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-13-217-02",
"trust": 2.8
},
{
"db": "BID",
"id": "61598",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201308-141",
"trust": 0.9
},
{
"db": "SCHNEIDER",
"id": "SEVD-2013-197-01",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-11763",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003715",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "54422",
"trust": 0.6
},
{
"db": "IVD",
"id": "C95A4B10-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-62798",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "c95a4b10-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11763"
},
{
"db": "VULHUB",
"id": "VHN-62798"
},
{
"db": "BID",
"id": "61598"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003715"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-141"
},
{
"db": "NVD",
"id": "CVE-2013-2796"
}
]
},
"id": "VAR-201308-0167",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "c95a4b10-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11763"
},
{
"db": "VULHUB",
"id": "VHN-62798"
}
],
"trust": 1.671886442
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "c95a4b10-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11763"
}
]
},
"last_update_date": "2024-08-14T14:52:37.527000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.schneider-electric.com/site/home/index.cfm/uk/"
},
{
"title": "Patch Information - cs-HF720SP459363",
"trust": 0.8,
"url": "http://www.citect.schneider-electric.com/cs-HF720SP459363"
},
{
"title": "\u30b5\u30dd\u30fc\u30c8",
"trust": 0.8,
"url": "http://www.schneider-electric.co.jp/sites/japan/jp/support/contact/we-care.page"
},
{
"title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "http://www.schneider-electric.com/site/home/index.cfm/jp/"
},
{
"title": "Schneider Electric patch for multiple product XML external entity vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/38074"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-11763"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003715"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-62798"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003715"
},
{
"db": "NVD",
"id": "CVE-2013-2796"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-13-217-02"
},
{
"trust": 1.7,
"url": "http://www.citect.schneider-electric.com/cs-hf720sp459363"
},
{
"trust": 0.9,
"url": "http://www.schneider-electric.com/download/ww/en/details/125349410-vulnerability-disclosure---citectscada-vijeo-citect-powerlogic-scada/?reference=sevd-2013-197-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2796"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2796"
},
{
"trust": 0.6,
"url": "http://download.schneider-electric.com/files?p_file_id=125349417\u0026p_file_name=sevd-2013-197-01.pdf"
},
{
"trust": 0.6,
"url": "http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/viewer-news.page?c_filepath=/templatedata/content/news/data/en/local/cybersecurity/general_information/2013/07/20130716_advisory_of_vulnerability_affecting_vijeo_citect_citect_scada_and_powe.xml"
},
{
"trust": 0.6,
"url": "http://www.secunia.com/advisories/54422/"
},
{
"trust": 0.3,
"url": "http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/viewer-news.page?c_filepath=/templatedata/content/news/data/en/local/cybersecurity/general_information/2013/07/20130716_advi"
},
{
"trust": 0.3,
"url": "http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-11763"
},
{
"db": "VULHUB",
"id": "VHN-62798"
},
{
"db": "BID",
"id": "61598"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003715"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-141"
},
{
"db": "NVD",
"id": "CVE-2013-2796"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "c95a4b10-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-11763"
},
{
"db": "VULHUB",
"id": "VHN-62798"
},
{
"db": "BID",
"id": "61598"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003715"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-141"
},
{
"db": "NVD",
"id": "CVE-2013-2796"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-08-08T00:00:00",
"db": "IVD",
"id": "c95a4b10-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-08-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-11763"
},
{
"date": "2013-08-09T00:00:00",
"db": "VULHUB",
"id": "VHN-62798"
},
{
"date": "2013-07-16T00:00:00",
"db": "BID",
"id": "61598"
},
{
"date": "2013-08-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003715"
},
{
"date": "2013-08-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201308-141"
},
{
"date": "2013-08-09T23:55:02.537000",
"db": "NVD",
"id": "CVE-2013-2796"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-08-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-11763"
},
{
"date": "2013-08-12T00:00:00",
"db": "VULHUB",
"id": "VHN-62798"
},
{
"date": "2015-03-19T08:09:00",
"db": "BID",
"id": "61598"
},
{
"date": "2013-08-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003715"
},
{
"date": "2013-08-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201308-141"
},
{
"date": "2013-08-12T20:21:04.173000",
"db": "NVD",
"id": "CVE-2013-2796"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "61598"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-141"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Schneider Electric Vulnerability to read arbitrary files in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003715"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201308-141"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.