CVE-2012-4689

2022-10-0316:15:33

CWE-189

[email protected]

web.nvd.nist.gov

cve-2012-4689

intelligent platforms

proficy

hmi

scada

cimplicity

nvd

security

vulnerability

integer overflow

remote attack

denial of service

http request

7.1 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

59.0%

JSON

Integer overflow in CimWebServer.exe in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to cause a denial of service (daemon crash) via a malformed HTTP request.

Affected configurations

NVD

Node

geintelligent_platforms_proficy_hmi\/scada_cimplicityMatch4.01

geintelligent_platforms_proficy_hmi\/scada_cimplicityMatch7.5

geintelligent_platforms_proficy_hmi\/scada_cimplicityMatch8.0

Node

geintelligent_platforms_proficy_process_systems_with_cimplicityMatch-

AND

geintelligent_platforms_proficy_process_systemsMatch-

CPENameOperatorVersion
ge:intelligent_platforms_proficy_hmi\/scada_cimplicityge intelligent platforms proficy hmi/scada cimplicityeq4.01
ge:intelligent_platforms_proficy_hmi\/scada_cimplicityge intelligent platforms proficy hmi/scada cimplicityeq7.5
ge:intelligent_platforms_proficy_hmi\/scada_cimplicityge intelligent platforms proficy hmi/scada cimplicityeq8.0

CPE	Name	Operator	Version
ge:intelligent_platforms_proficy_hmi\/scada_cimplicity	ge intelligent platforms proficy hmi/scada cimplicity	eq	4.01
ge:intelligent_platforms_proficy_hmi\/scada_cimplicity	ge intelligent platforms proficy hmi/scada cimplicity	eq	7.5
ge:intelligent_platforms_proficy_hmi\/scada_cimplicity	ge intelligent platforms proficy hmi/scada cimplicity	eq	8.0