CVE-2014-0752

Published Jan 9, 2014

Last updated 11 years ago

CVSS info 5.0

Overview

Description: The SCADA server in Ecava IntegraXor before 4.1.4369 allows remote attackers to read arbitrary project backup files via a crafted URL.
Source: ics-cert@hq.dhs.gov
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ecava:integraxor:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E950E11-0F45-4511-8E94-FA2575BE48F4",
            "versionEndIncluding": "4.1.4360"
          },
          {
            "criteria": "cpe:2.3:a:ecava:integraxor:3.5.3900.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "024F3AE4-4912-4C4C-859E-3CC832123394"
          },
          {
            "criteria": "cpe:2.3:a:ecava:integraxor:3.5.3900.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E4BEE8F-B1FC-47E0-BF7F-3247A29CCBFF"
          },
          {
            "criteria": "cpe:2.3:a:ecava:integraxor:3.6.4000.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0EB4452-4772-4CA9-A119-A8DFE183CB87"
          },
          {
            "criteria": "cpe:2.3:a:ecava:integraxor:3.60.4061:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66CE22B5-F6B1-4CA5-8975-A0DEA0272E10"
          },
          {
            "criteria": "cpe:2.3:a:ecava:integraxor:3.71:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C338B7E-B958-4ED4-AF3C-B64A72CA01A6"
          },
          {
            "criteria": "cpe:2.3:a:ecava:integraxor:3.71.4200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6BE9299-0D5D-4FDF-8E5C-17EBB3E3D895"
          },
          {
            "criteria": "cpe:2.3:a:ecava:integraxor:3.72:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4717F90-420C-40C1-B465-2052F5F5D8F7"
          },
          {
            "criteria": "cpe:2.3:a:ecava:integraxor:4.00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04D6E69A-AE18-4B23-95CA-85C605E5F23B"
          },
          {
            "criteria": "cpe:2.3:a:ecava:integraxor:4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C254168-384E-4B0A-BB22-445D7281FAC8"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References