Lucene search

[email protected]CVE-2015-6478

HistoryNov 13, 2015 - 3:59 a.m.

CVE-2015-6478

2015-11-1303:59:00

CWE-284

[email protected]

web.nvd.nist.gov

unitronics

visilogic

oplc

ide

cve-2015-6478

security vulnerability

remote attack

web site

8.9 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.163 Low

EPSS

Percentile

96.0%

JSON

Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allows remote attackers to have an unspecified impact via a crafted web site.

CPENameOperatorVersion
unitronics:visilogic_oplc_ideunitronics visilogic oplc idele9.8.0.0

CPE	Name	Operator	Version
unitronics:visilogic_oplc_ide	unitronics visilogic oplc ide	le	9.8.0.0

References

www.securityfocus.com/bid/77571

www.zerodayinitiative.com/advisories/ZDI-15-573

www.zerodayinitiative.com/advisories/ZDI-15-577

www.zerodayinitiative.com/advisories/ZDI-15-578

www.zerodayinitiative.com/advisories/ZDI-15-579

www.zerodayinitiative.com/advisories/ZDI-15-580

ics-cert.us-cert.gov/advisories/ICSA-15-274-02

8.9 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.163 Low

EPSS

Percentile

96.0%

JSON

Related for CVE-2015-6478

prion1 checkpoint_advisories3 zdi5 cvelist1 ics1