HIGH🇵🇱 Wersja polska

CVE-2014-9196

CVSS 7.6v2.0pub. 2015-07-20upd. 2026-05-06

Eaton Cooper Power Systems ProView 4.0 and 5.0 before 5.0 11 on Form 6 controls and Idea and IdeaPLUS relays generates TCP initial sequence number (ISN) values linearly, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.

CVSS Vector
AV:N/AC:H/Au:N/C:C/I:C/A:C
  • Eaton Proview

    APP
    Eaton
    4.05.05.0.15.0.105.0.25.0.35.0.45.0.55.0.65.0.75.0.85.0.9
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2015-6471MEDIUM5.3ten sam produkt

Eaton Cooper Power Systems ProView 4.x and 5.x before 5.1 on Form 6 controls and Idea and IdeaPLUS relays does...

CVE-2021-23281CRITICAL10.0ten sam vendor

Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated remote code execution vul...

CVE-2018-16158CRITICAL9.8ten sam vendor

Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across dif...

CVE-2018-8847CRITICAL9.8ten sam vendor

Eaton 9000X DriveA versions 2.0.29 and prior has a stack-based buffer overflow vulnerability, which may allow ...

CVE-2018-12031CRITICAL9.8ten sam vendor

Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/n...