Описание
Eaton Cooper Power Systems ProView 4.0 and 5.0 before 5.0 11 on Form 6 controls and Idea and IdeaPLUS relays generates TCP initial sequence number (ISN) values linearly, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:eaton:proview:4.0:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.7:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.8:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.10:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.02721
Низкий
7.6 High
CVSS2
9.3 Critical
CVSS2
Дефекты
CWE-342
CWE-254
Связанные уязвимости
github
больше 3 лет назад
Eaton Cooper Power Systems ProView 4.0 and 5.0 before 5.0 11 on Form 6 controls and Idea and IdeaPLUS relays generates TCP initial sequence number (ISN) values linearly, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.
EPSS
Процентиль: 86%
0.02721
Низкий
7.6 High
CVSS2
9.3 Critical
CVSS2
Дефекты
CWE-342
CWE-254