Описание
A CWE-284 Improper Access Control vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which allows an attacker to place executables in a specific folder and run code whenever RemoteConnect is executed by the user.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.6.3.574 (включая)
cpe:2.3:a:schneider-electric:scadapack_7x_remote_connect:*:*:*:*:*:*:*:*
EPSS
Процентиль: 39%
0.00176
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-284
NVD-CWE-noinfo
Связанные уязвимости
github
больше 3 лет назад
A CWE-284 Improper Access Control vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which allows an attacker to place executables in a specific folder and run code whenever RemoteConnect is executed by the user.
EPSS
Процентиль: 39%
0.00176
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-284
NVD-CWE-noinfo