CVE-2015-6478

Опубликовано: 13 нояб. 2015

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allows remote attackers to have an unspecified impact via a crafted web site.

Ссылки

http://www.securityfocus.com/bid/77571
http://www.zerodayinitiative.com/advisories/ZDI-15-573
http://www.zerodayinitiative.com/advisories/ZDI-15-577
http://www.zerodayinitiative.com/advisories/ZDI-15-578
http://www.zerodayinitiative.com/advisories/ZDI-15-579
http://www.zerodayinitiative.com/advisories/ZDI-15-580
https://ics-cert.us-cert.gov/advisories/ICSA-15-274-02
Patch
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/77571
http://www.zerodayinitiative.com/advisories/ZDI-15-573
http://www.zerodayinitiative.com/advisories/ZDI-15-577
http://www.zerodayinitiative.com/advisories/ZDI-15-578
http://www.zerodayinitiative.com/advisories/ZDI-15-579
http://www.zerodayinitiative.com/advisories/ZDI-15-580
https://ics-cert.us-cert.gov/advisories/ICSA-15-274-02
Patch
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:unitronics:visilogic_oplc_ide:*:*:*:*:*:*:*:*

Версия до 9.8.0.0 (включая)

EPSS

Процентиль: 85%

0.02599

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-284

Связанные уязвимости

GHSA-5xgg-fgqr-5m89

github

больше 3 лет назад