CVE-2020-7485
Published Apr 16, 2020
Last updated 2 years ago
Overview
- Description
- **VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1
- Source
- cybersecurity@se.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "46E2D695-54F5-4D3E-B1F8-CABE51AE6064"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B47EBFCC-1828-45AB-BC6D-FB980929A81A"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:tristation_1131:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CF85A1C1-5867-486A-8E17-36C83324329A",
"versionEndIncluding": "4.9.0",
"versionStartIncluding": "1.0.0"
},
{
"criteria": "cpe:2.3:a:schneider-electric:tristation_1131:4.10.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA77BE7C-A96A-460E-ABCE-7B578B8827D1"
},
{
"criteria": "cpe:2.3:a:schneider-electric:tristation_1131:4.12.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "325A4334-FF06-4F8A-9C3E-D2F37D32D8D9"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]