Lucene search
HistoryMay 22, 2014 - 8:55 p.m.
CVE-2014-2350
emerson deltav
hardcoded credentials
diagnostic services
remote attackers
access restrictions
tcp session
5.3 Medium
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
74.9%
Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program.
Related
nessus
nessus
Emerson DeltaV Credentials Management Errors (CVE-2014-2350)
2022-02-07 00:00:00
Emerson Deltav Unspecified Vulnerability
2021-08-10 00:00:00
prion
prion
Hardcoded credentials
2014-05-22 20:55:00
Code injection
2022-07-26 22:15:00
Hardcoded credentials
2022-07-26 22:15:00
ptsecurity
ptsecurity
PT-2013-91: Hard-Coded Access Credentials in Emerson DeltaV
2013-03-10 00:00:00
cve
cve
ics
ics
Emerson DeltaV Vulnerabilities
2018-09-06 12:00:00
5.3 Medium
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
74.9%
Related for CVE-2014-2350