The SCADA server in Ecava IntegraXor before 4.1.4369 allows remote attackers to read arbitrary project backup files via a crafted URL.
oryginał ENCVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:PEcava Integraxor
APPEcava3.5.3900.103.5.3900.53.60.40613.6.4000.03.713.71.42003.724.004.1≤ 4.1.4360
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Powiązane podatności
CVE-2017-6050CRITICAL9.8ten sam produkt
A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. The application fails ...
CVE-2016-8341CRITICAL9.8ten sam produkt
An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters ...
CVE-2016-2306HIGH7.5ten sam produkt
The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive clear...
CVE-2016-2299HIGH7.3ten sam produkt
SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to execute arbit...
CVE-2014-2375HIGH8.3ten sam produkt
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attacker...