Lucene search

K
cve[email protected]CVE-2014-2349
HistoryMay 22, 2014 - 8:55 p.m.

CVE-2014-2349

2014-05-2220:55:06
CWE-264
web.nvd.nist.gov
31
emerson
deltav
cve-2014-2349
configuration files
engineering-level privileges
nvd

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.3

Confidence

Low

EPSS

0

Percentile

0.4%

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 allows local users to modify or read configuration files by leveraging engineering-level privileges.

Affected configurations

NVD
Node
emersondeltavMatch10.3.1
OR
emersondeltavMatch11.3
OR
emersondeltavMatch11.3.1
OR
emersondeltavMatch12.3
VendorProductVersionCPE
emersondeltav12.3cpe:/a:emerson:deltav:12.3:::
emersondeltav11.3cpe:/a:emerson:deltav:11.3:::
emersondeltav11.3.1cpe:/a:emerson:deltav:11.3.1:::
emersondeltav10.3.1cpe:/a:emerson:deltav:10.3.1:::

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.3

Confidence

Low

EPSS

0

Percentile

0.4%