Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveIcscertCVE-2015-7901
HistoryOct 28, 2015 - 10:59 a.m.

CVE-2015-7901

2015-10-2810:59:21
CWE-78
icscert
web.nvd.nist.gov
27
cve-2015-7901
infinite automation mango automation
os command execution
remote authenticated users
security vulnerability

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.057

Percentile

93.4%

JSON

Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.0 build 430 allows remote authenticated users to execute arbitrary OS commands via unspecified vectors.

Affected configurations

Nvd
Node
infinite_automation_systemsmango_automationMatch2.5.0
OR
infinite_automation_systemsmango_automationMatch2.5.5
OR
infinite_automation_systemsmango_automationMatch2.6.0
VendorProductVersionCPE
infinite_automation_systemsmango_automation2.5.0cpe:2.3:a:infinite_automation_systems:mango_automation:2.5.0:*:*:*:*:*:*:*
infinite_automation_systemsmango_automation2.5.5cpe:2.3:a:infinite_automation_systems:mango_automation:2.5.5:*:*:*:*:*:*:*
infinite_automation_systemsmango_automation2.6.0cpe:2.3:a:infinite_automation_systems:mango_automation:2.6.0:*:*:*:*:*:*:*

Related

prion 1
zdt 1
packetstorm 1
cvelist 1
zeroscience 1
nvd 1
exploitdb 2
ics 1
prion
prion
Design/Logic Flaw
2015-10-28 10:59:00
zdt
zdt
Infinite Automation / Mango Automation - Command Injection Exploit
2017-09-13 00:00:00
packetstorm
packetstorm
Infinite Automation Mango Automation Command Injection
2017-09-15 00:00:00
cvelist
cvelist
CVE-2015-7901
2015-10-28 10:00:00
zeroscience
zeroscience
Mango Automation 2.6.0 CSRF Arbitrary Command Execution Exploit
2015-09-26 00:00:00
nvd
nvd
CVE-2015-7901
2015-10-28 10:59:21
exploitdb
exploitdb
Infinite Automation Mango Automation - Command Injection (Metasploit)
2017-09-13 00:00:00
Mango Automation 2.6.0 - Multiple Vulnerabilities
2015-09-28 00:00:00
ics
ics
Infinite Automation Systems Mango Automation Vulnerabilities (Update A)
2018-08-27 12:00:00

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.057

Percentile

93.4%

JSON
Related for CVE-2015-7901
prion1zdt1packetstorm1cvelist1zeroscience1nvd1exploitdb2ics1