exploitDog

CVE-2016-8380

Опубликовано: 05 апр. 2018

Источник: nvd

CVSS3: 7.3

CVSS2: 7.5

EPSS Средний

Описание

The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication.

Ссылки

http://www.securityfocus.com/bid/94163
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-313-01
Third Party Advisory
US Government Resource
https://www.exploit-db.com/exploits/45590/
http://www.securityfocus.com/bid/94163
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-313-01
Third Party Advisory
US Government Resource
https://www.exploit-db.com/exploits/45590/

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:phoenixcontact:ilc_plcs_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:phoenixcontact:ilc_plcs:-:*:*:*:*:*:*:*

EPSS

Процентиль: 96%

0.2434

Средний

7.3 High

CVSS3

7.5 High

CVSS2

Дефекты

CWE-767

CWE-287

Связанные уязвимости

GHSA-23m3-jp2w-3vpp

CVSS3: 7.3

github

около 3 лет назад

The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication.

EPSS

Процентиль: 96%

0.2434

Средний

7.3 High

CVSS3

7.5 High

CVSS2

Дефекты

CWE-767

CWE-287