var-201503-0062
Vulnerability from variot
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 provide an HMI user interface that lists all valid usernames, which makes it easier for remote attackers to obtain access via a brute-force password-guessing attack. Schneider Electric InduSoft Web Studio and InTouch Machine Edition are both embedded HMI software packages from Schneider Electric, France. Attackers can exploit this issue to bypass the authentication mechanism and log in to another user's account. The following products are affected: InduSoft Web Studio 7.1.3.2 and prior. InTouch Machine Edition 7.1.3.2 and prior. This product provides HMI clients with read, write tag and event monitoring capabilities. The vulnerability stems from the fact that the HMI user interface provided by the program contains all valid user names
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201503-0062",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 1.2,
"vendor": "schneider electric",
"version": "7.1"
},
{
"model": "wonderware intouch 2014",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "7.1"
},
{
"model": "edge",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "7.1.3.4"
},
{
"model": "indusoft web studio",
"scope": "lt",
"trust": 0.8,
"vendor": "schneider electric",
"version": "7.1.3.4 sp3 patch 4"
},
{
"model": "intouch machine edition 2014",
"scope": "lt",
"trust": 0.8,
"vendor": "schneider electric",
"version": "7.1.3.4 sp3 patch 4"
},
{
"model": "electric indusoft web studio sp3 patch",
"scope": "lt",
"trust": 0.6,
"vendor": "schneider",
"version": "7.1.3.44"
},
{
"model": "electric intouch machine edition sp3 patch",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "2014(\u003c7.1.3.44)"
},
{
"model": "wonderware intouch 2014",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider electric",
"version": "7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "indusoft web studio",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware intouch 2014",
"version": "*"
},
{
"model": "intouch machine edition",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "20147.1.3.2"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.2"
},
{
"model": "indusoft web studio sp patch",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.434"
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1"
},
{
"db": "IVD",
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"db": "BID",
"id": "73386"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-616"
},
{
"db": "NVD",
"id": "CVE-2015-0997"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:schneider_electric:indusoft_web_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:wonderware_intouch_2014",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gleb Gritsai, Ilya Karpov, Kirill Nesterov, and Alisa Esage Shevcheckno",
"sources": [
{
"db": "BID",
"id": "73386"
}
],
"trust": 0.3
},
"cve": "CVE-2015-0997",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-0997",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-02058",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-78943",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-0997",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-0997",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-02058",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201503-616",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-78943",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1"
},
{
"db": "IVD",
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"db": "VULHUB",
"id": "VHN-78943"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-616"
},
{
"db": "NVD",
"id": "CVE-2015-0997"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 provide an HMI user interface that lists all valid usernames, which makes it easier for remote attackers to obtain access via a brute-force password-guessing attack. Schneider Electric InduSoft Web Studio and InTouch Machine Edition are both embedded HMI software packages from Schneider Electric, France. \nAttackers can exploit this issue to bypass the authentication mechanism and log in to another user\u0027s account. \nThe following products are affected:\nInduSoft Web Studio 7.1.3.2 and prior. \nInTouch Machine Edition 7.1.3.2 and prior. This product provides HMI clients with read, write tag and event monitoring capabilities. The vulnerability stems from the fact that the HMI user interface provided by the program contains all valid user names",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0997"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"db": "BID",
"id": "73386"
},
{
"db": "IVD",
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1"
},
{
"db": "IVD",
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-78943"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-0997",
"trust": 3.8
},
{
"db": "ICS CERT",
"id": "ICSA-15-085-01",
"trust": 2.8
},
{
"db": "SCHNEIDER",
"id": "SEVD-2015-054-01",
"trust": 2.3
},
{
"db": "SCHNEIDER",
"id": "SEVD-2015-054-02",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201503-616",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2015-02058",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001994",
"trust": 0.8
},
{
"db": "BID",
"id": "73386",
"trust": 0.4
},
{
"db": "IVD",
"id": "7D7F27C0-463F-11E9-8224-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "9A4B4F32-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-78943",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1"
},
{
"db": "IVD",
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"db": "VULHUB",
"id": "VHN-78943"
},
{
"db": "BID",
"id": "73386"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-616"
},
{
"db": "NVD",
"id": "CVE-2015-0997"
}
]
},
"id": "VAR-201503-0062",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1"
},
{
"db": "IVD",
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"db": "VULHUB",
"id": "VHN-78943"
}
],
"trust": 1.8657392000000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1"
},
{
"db": "IVD",
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02058"
}
]
},
"last_update_date": "2024-11-23T22:01:52.843000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "InTouch Machine Edition 2014 Vulnerabilities",
"trust": 0.8,
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02"
},
{
"title": "InduSoft Web Studi Vulnerabilities",
"trust": 0.8,
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01"
},
{
"title": "\\302\\240\\302\\240\\302\\240\\302\\240\\302\\240Patch for Schneider Electric InduSoft Web Studio and InTouch Machine Edition Information Disclosure Vulnerability (CNVD-2015-02058)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/56786"
},
{
"title": "IWS71.3.4",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54647"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-616"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78943"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"db": "NVD",
"id": "CVE-2015-0997"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-085-01"
},
{
"trust": 2.3,
"url": "http://download.schneider-electric.com/files?p_doc_ref=sevd-2015-054-01"
},
{
"trust": 1.7,
"url": "http://download.schneider-electric.com/files?p_doc_ref=sevd-2015-054-02"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0997"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0997"
},
{
"trust": 0.3,
"url": "http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"db": "VULHUB",
"id": "VHN-78943"
},
{
"db": "BID",
"id": "73386"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-616"
},
{
"db": "NVD",
"id": "CVE-2015-0997"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1"
},
{
"db": "IVD",
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"db": "VULHUB",
"id": "VHN-78943"
},
{
"db": "BID",
"id": "73386"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-616"
},
{
"db": "NVD",
"id": "CVE-2015-0997"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-31T00:00:00",
"db": "IVD",
"id": "7d7f27c0-463f-11e9-8224-000c29342cb1"
},
{
"date": "2015-03-31T00:00:00",
"db": "IVD",
"id": "9a4b4f32-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2015-03-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"date": "2015-03-29T00:00:00",
"db": "VULHUB",
"id": "VHN-78943"
},
{
"date": "2015-03-26T00:00:00",
"db": "BID",
"id": "73386"
},
{
"date": "2015-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"date": "2015-03-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-616"
},
{
"date": "2015-03-29T10:59:06.647000",
"db": "NVD",
"id": "CVE-2015-0997"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-02058"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-78943"
},
{
"date": "2015-03-26T00:00:00",
"db": "BID",
"id": "73386"
},
{
"date": "2015-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001994"
},
{
"date": "2021-05-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-616"
},
{
"date": "2024-11-21T02:24:06.437000",
"db": "NVD",
"id": "CVE-2015-0997"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-616"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerabilities that gain access",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001994"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-616"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.