Lucene search

[email protected]CVE-2015-7917

HistoryDec 23, 2015 - 3:59 a.m.

CVE-2015-7917

2015-12-2303:59:04

[email protected]

web.nvd.nist.gov

cve-2015-7917

untrusted search path

open automation

opc systems.net

nvd

security vulnerability

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

7.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.

Affected configurations

NVD

Node

opcsystemsopc_systems.netRange≤8.00.0023

CPENameOperatorVersion
opcsystems:opc_systems.netopcsystems opc systems.netle8.00.0023

CPE	Name	Operator	Version
opcsystems:opc_systems.net	opcsystems opc systems.net	le	8.00.0023

References

www.securityfocus.com/bid/78909

ics-cert.us-cert.gov/advisories/ICSA-15-344-02

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

7.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2015-7917

ics1 prion1 nvd1 cvelist1