Описание
This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service.
Ссылки
- Vendor Advisory
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 2020 (исключая)Версия до 2020 (исключая)Версия до 20.1.101 (включая)Версия до 3.7.002 (включая)Версия до 2020 (исключая)Версия до 2020 (исключая)Версия до 2020 (исключая)Версия до 2020 (исключая)Версия до 2020 (исключая)Версия до 2020 (исключая)Версия до 2020 (исключая)Версия до 2020 (исключая)
Одно из
cpe:2.3:a:aveva:batch_management:*:*:*:*:*:*:*:*
cpe:2.3:a:aveva:batch_management:2020:-:*:*:*:*:*:*
cpe:2.3:a:aveva:batch_management:2020:sp1:*:*:*:*:*:*
cpe:2.3:a:aveva:communication_drivers:*:*:*:*:*:*:*:*
cpe:2.3:a:aveva:communication_drivers:2020:-:*:*:*:*:*:*
cpe:2.3:a:aveva:communication_drivers:2020:r2:*:*:*:*:*:*
cpe:2.3:a:aveva:communication_drivers:2020:r2_p01:*:*:*:*:*:*
cpe:2.3:a:aveva:edge:*:*:*:*:*:*:*:*
cpe:2.3:a:aveva:enterprise_licensing:*:*:*:*:*:*:*:*
cpe:2.3:a:aveva:historian:*:*:*:*:*:*:*:*
cpe:2.3:a:aveva:historian:2020:-:*:*:*:*:*:*
cpe:2.3:a:aveva:historian:2020:r2:*:*:*:*:*:*
cpe:2.3:a:aveva:historian:2020:r2_p01:*:*:*:*:*:*
cpe:2.3:a:aveva:intouch:*:*:*:*:*:*:*:*
cpe:2.3:a:aveva:intouch:2020:-:*:*:*:*:*:*
cpe:2.3:a:aveva:intouch:2020:r2:*:*:*:*:*:*
cpe:2.3:a:aveva:intouch:2020:r2_p01:*:*:*:*:*:*
cpe:2.3:a:aveva:manufacturing_execution_system:*:*:*:*:*:*:*:*
cpe:2.3:a:aveva:manufacturing_execution_system:2020:*:*:*:*:*:*:*
cpe:2.3:a:aveva:manufacturing_execution_system:2020:p01:*:*:*:*:*:*
cpe:2.3:a:aveva:mobile_operator:*:*:*:*:*:*:*:*
cpe:2.3:a:aveva:mobile_operator:2020:*:*:*:*:*:*:*
cpe:2.3:a:aveva:mobile_operator:2020:-:*:*:*:*:*:*
cpe:2.3:a:aveva:mobile_operator:2020:r1:*:*:*:*:*:*
cpe:2.3:a:aveva:plant_scada:*:*:*:*:*:*:*:*
cpe:2.3:a:aveva:plant_scada:2020:-:*:*:*:*:*:*
cpe:2.3:a:aveva:plant_scada:2020:r2:*:*:*:*:*:*
cpe:2.3:a:aveva:recipe_management:*:*:*:*:*:*:*:*
cpe:2.3:a:aveva:recipe_management:2020:-:*:*:*:*:*:*
cpe:2.3:a:aveva:recipe_management:2020:update_1_patch_2:*:*:*:*:*:*
cpe:2.3:a:aveva:system_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:aveva:system_platform:2020:-:*:*:*:*:*:*
cpe:2.3:a:aveva:system_platform:2020:r2:*:*:*:*:*:*
cpe:2.3:a:aveva:system_platform:2020:r2_p01:*:*:*:*:*:*
cpe:2.3:a:aveva:telemetry_server:2020r2:-:*:*:*:*:*:*
cpe:2.3:a:aveva:telemetry_server:2020r2:sp1:*:*:*:*:*:*
cpe:2.3:a:aveva:work_tasks:*:*:*:*:*:*:*:*
cpe:2.3:a:aveva:work_tasks:2020:-:*:*:*:*:*:*
cpe:2.3:a:aveva:work_tasks:2020:update_1:*:*:*:*:*:*
cpe:2.3:a:aveva:work_tasks:2020:update_2:*:*:*:*:*:*
EPSS
Процентиль: 25%
0.00089
Низкий
5.5 Medium
CVSS3
7.1 High
CVSS3
Дефекты
CWE-73
CWE-610
Связанные уязвимости
CVSS3: 5.5
github
около 2 лет назад
This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service.
EPSS
Процентиль: 25%
0.00089
Низкий
5.5 Medium
CVSS3
7.1 High
CVSS3
Дефекты
CWE-73
CWE-610