CVE-2012-0228

Опубликовано: 02 апр. 2012

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors.

Ссылки

http://osvdb.org/80890
http://secunia.com/advisories/48603
http://www.securityfocus.com/bid/52851
http://www.securitytracker.com/id?1026886
http://www.securitytracker.com/id?1026887
http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf
US Government Resource
http://osvdb.org/80890
http://secunia.com/advisories/48603
http://www.securityfocus.com/bid/52851
http://www.securitytracker.com/id?1026886
http://www.securitytracker.com/id?1026887
http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*

cpe:2.3:a:invensys:wonderware_information_server:4.5:*:*:*:*:*:*:*

EPSS

Процентиль: 46%

0.00234

Низкий

7.5 High

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-c456-vjhw-vjgw

github

почти 4 года назад