Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveIcscertCVE-2015-0984
HistoryMar 31, 2015 - 1:59 a.m.

CVE-2015-0984

2015-03-3101:59:36
CWE-22
icscert
web.nvd.nist.gov
27
cve-2015-0984
directory traversal
vulnerability
honeywell
excel web
controllers
ftp
server
security
nvd

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

Low

EPSS

0.015

Percentile

87.1%

JSON

Directory traversal vulnerability in the FTP server on Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/O, XL1000C1000 600 I/O, XL1000C50U 52 I/O UUKL, XL1000C100U 104 I/O UUKL, XL1000C500U 300 I/O UUKL, and XL1000C1000U 600 I/O UUKL controllers before 2.04.01 allows remote attackers to read files under the web root, and consequently obtain administrative login access, via a crafted pathname.

Affected configurations

Nvd
Node
honeywellexcel_web_xl_1000c100_104_i\/oRange2.04.00
OR
honeywellexcel_web_xl_1000c1000_600_i\/oRange2.04.00
OR
honeywellexcel_web_xl_1000c1000_600_i\/o_uuklRange2.04.00
OR
honeywellexcel_web_xl_1000c100u_104_i\/o_uuklRange2.04.00
OR
honeywellexcel_web_xl_1000c50_52_i\/oRange2.04.00
OR
honeywellexcel_web_xl_1000c500_300_i\/oRange2.04.00
OR
honeywellexcel_web_xl_1000c500_300_i\/o_uuklRange2.04.00
OR
honeywellexcel_web_xl_1000c50u_52_i\/o_uuklRange2.04.00
VendorProductVersionCPE
honeywellexcel_web_xl_1000c100_104_i\/o*cpe:2.3:o:honeywell:excel_web_xl_1000c100_104_i\/o:*:*:*:*:*:*:*:*
honeywellexcel_web_xl_1000c1000_600_i\/o*cpe:2.3:o:honeywell:excel_web_xl_1000c1000_600_i\/o:*:*:*:*:*:*:*:*
honeywellexcel_web_xl_1000c1000_600_i\/o_uukl*cpe:2.3:o:honeywell:excel_web_xl_1000c1000_600_i\/o_uukl:*:*:*:*:*:*:*:*
honeywellexcel_web_xl_1000c100u_104_i\/o_uukl*cpe:2.3:o:honeywell:excel_web_xl_1000c100u_104_i\/o_uukl:*:*:*:*:*:*:*:*
honeywellexcel_web_xl_1000c50_52_i\/o*cpe:2.3:o:honeywell:excel_web_xl_1000c50_52_i\/o:*:*:*:*:*:*:*:*
honeywellexcel_web_xl_1000c500_300_i\/o*cpe:2.3:o:honeywell:excel_web_xl_1000c500_300_i\/o:*:*:*:*:*:*:*:*
honeywellexcel_web_xl_1000c500_300_i\/o_uukl*cpe:2.3:o:honeywell:excel_web_xl_1000c500_300_i\/o_uukl:*:*:*:*:*:*:*:*
honeywellexcel_web_xl_1000c50u_52_i\/o_uukl*cpe:2.3:o:honeywell:excel_web_xl_1000c50u_52_i\/o_uukl:*:*:*:*:*:*:*:*

Related

nvd 1
prion 1
ics 1
openvas 1
cvelist 1
packetstorm 1
nvd
nvd
CVE-2015-0984
2015-03-31 01:59:36
prion
prion
Directory traversal
2015-03-31 01:59:00
ics
ics
Honeywell XL Web Controller Directory Traversal Vulnerability
2018-08-27 12:00:00
openvas
openvas
Honeywell Falcon XL Web Controller Directory Traversal Vulnerability - Active Check
2015-04-27 00:00:00
cvelist
cvelist
CVE-2015-0984
2015-03-31 01:00:00
packetstorm
packetstorm
Honeywell XLWEB SCADA Path Traversal
2015-04-23 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

Low

EPSS

0.015

Percentile

87.1%

JSON
Related for CVE-2015-0984
nvd1prion1ics1openvas1cvelist1packetstorm1