admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2018/CVE-2018-77xx/CVE-2018-7793.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

122 lines
4.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2018-7793",
"sourceIdentifier": "cybersecurity@se.com",
"published": "2018-12-24T16:29:00.640",
"lastModified": "2020-08-24T17:37:01.140",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A Credential Management vulnerability exists in FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.) which could cause unauthorized disclosure, modification, or disruption in service when the password is modified without permission."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de gesti\u00f3n de credenciales en FoxView HMI SCADA (todas las versiones de Foxboro DCS, Foxboro Evo e IA Series anteriores a Foxboro DCS Control Core Services 9.4 (CCS 9.4) y FoxView 10.5.) que podr\u00eda permitir la divulgaci\u00f3n, modificaci\u00f3n o interrupci\u00f3n no autorizada del servicio cuando se modifica la contrase\u00f1a sin permiso."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 8.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:schneider-electric:foxboro_dcs:*:*:*:*:*:*:*:*",
"versionEndExcluding": "ccs_9.4",
"matchCriteriaId": "DBD743B7-7CED-46B6-9ECD-0C082BD8F5DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:schneider-electric:foxboro_evo:*:*:*:*:*:*:*:*",
"versionEndExcluding": "ccs_9.4",
"matchCriteriaId": "FE0621CA-DEB5-46C6-8F6C-EABA5DA04DFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:schneider-electric:foxview:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "875225C7-6546-41BB-96DB-450F5C99494E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:schneider-electric:ia_series:*:*:*:*:*:*:*:*",
"versionEndExcluding": "ccs_9.4",
"matchCriteriaId": "9EDC2A27-E072-4D61-9A35-714571A3E9A1"
}
]
}
]
}
],
"references": [
{
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-353-03/",
"source": "cybersecurity@se.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink