CVE-2014-5411
Published Sep 18, 2014
Last updated 6 years ago
Overview
- Description
- Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aveva:clearscada:2010:r3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AAD213FA-E444-4DDB-B593-CC79C45D92F2"
},
{
"criteria": "cpe:2.3:a:aveva:clearscada:2010:r3.1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E4FBC203-019A-4DE0-97ED-F0A4872B4E55"
},
{
"criteria": "cpe:2.3:a:aveva:clearscada:2013:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0733DE5C-D168-4A2B-996F-E2BE671FB4C5"
},
{
"criteria": "cpe:2.3:a:aveva:clearscada:2013:r1.1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A22FFBF-1EAF-478B-A8F4-5EDBDCAE8F41"
},
{
"criteria": "cpe:2.3:a:aveva:clearscada:2013:r1.1a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64BF21B8-F98E-46C5-A1AC-FE7DBD45D80F"
},
{
"criteria": "cpe:2.3:a:aveva:clearscada:2013:r1.2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2115F6A-1689-4121-99FA-5821C78BA394"
},
{
"criteria": "cpe:2.3:a:aveva:clearscada:2013:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2F240E9-4C6F-4257-9F20-456B736569CD"
},
{
"criteria": "cpe:2.3:a:schneider-electric:scada_expert_clearscada:2013:r2.1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2B6A429-6195-4213-A851-AF95A9C187F6"
},
{
"criteria": "cpe:2.3:a:schneider-electric:scada_expert_clearscada:2014:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84521A6D-AB6D-4518-A642-9BA4400DC599"
}
],
"operator": "OR"
}
]
}
]