Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-0751
HistoryJan 25, 2014 - 10:55 p.m.

CVE-2014-0751

2014-01-2522:55:04
CWE-22
[email protected]
web.nvd.nist.gov
20
cve-2014-0751
directory traversal
cimwebserver.exe
webview
ge intelligent platforms proficy hmi/scada
cimplicity
proficy process systems
tcp port 10212
zdi-can-1623
remote code execution

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.414 Medium

EPSS

Percentile

97.3%

JSON

Directory traversal vulnerability in CimWebServer.exe (aka the WebView component) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted message to TCP port 10212, aka ZDI-CAN-1623.

Affected configurations

NVD
Node
geintelligent_platforms_proficy_hmi\%2fscada_cimplicityRange8.2sim24
OR
geintelligent_platforms_proficy_hmi\/scada_cimplicityMatch4.01
OR
geintelligent_platforms_proficy_hmi\/scada_cimplicityMatch7.5
OR
geintelligent_platforms_proficy_hmi\/scada_cimplicityMatch8.0
OR
geintelligent_platforms_proficy_hmi\/scada_cimplicityMatch8.1
OR
geintelligent_platforms_proficy_hmi\/scada_cimplicityMatch8.2
OR
geintelligent_platforms_proficy_process_systems_with_cimplicityMatch-
CPENameOperatorVersion
ge:intelligent_platforms_proficy_hmi\%2fscada_cimplicityge intelligent platforms proficy hmi%2fscada cimplicityle8.2
ge:intelligent_platforms_proficy_hmi\/scada_cimplicityge intelligent platforms proficy hmi/scada cimplicityeq4.01
ge:intelligent_platforms_proficy_hmi\/scada_cimplicityge intelligent platforms proficy hmi/scada cimplicityeq7.5
ge:intelligent_platforms_proficy_hmi\/scada_cimplicityge intelligent platforms proficy hmi/scada cimplicityeq8.0
ge:intelligent_platforms_proficy_hmi\/scada_cimplicityge intelligent platforms proficy hmi/scada cimplicityeq8.1
ge:intelligent_platforms_proficy_hmi\/scada_cimplicityge intelligent platforms proficy hmi/scada cimplicityeq8.2
ge:intelligent_platforms_proficy_process_systems_with_cimplicityge intelligent platforms proficy process systems with cimplicityeq-

Related

zdi 1
nvd 1
cvelist 1
prion 1
seebug 1
threatpost 1
ics 1
zdi
zdi
GE Proficy CIMPLICITY CimWebServer File Upload Remote Code Execution Vulnerability
2014-02-13 00:00:00
nvd
nvd
CVE-2014-0751
2014-01-25 22:55:04
cvelist
cvelist
CVE-2014-0751
2014-01-25 22:00:00
prion
prion
Directory traversal
2014-01-25 22:55:00
seebug
seebug
GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY CimWebServer.exe目录遍历漏洞
2014-02-10 00:00:00
threatpost
threatpost
BlackEnergy Malware Used in Attacks Against ICS HMI
2014-10-29 10:25:12
ics
ics
GE Proficy Vulnerabilities
2018-09-06 12:00:00

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.414 Medium

EPSS

Percentile

97.3%

JSON
Related for CVE-2014-0751
zdi1nvd1cvelist1prion1seebug1threatpost1ics1