Lucene search

IcscertCVE-2016-2281

HistoryMar 18, 2016 - 2:59 p.m.

CVE-2016-2281

2016-03-1814:59:04

CWE-264

icscert

web.nvd.nist.gov

cve-2016-2281

untrusted search path

abb panel builder 800 5.1

local users

privilege escalation

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:S/C:C/I:C/A:C

CVSS3

7.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

AI Score

6.9

Confidence

High

EPSS

Percentile

15.7%

JSON

Untrusted search path vulnerability in ABB Panel Builder 800 5.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.

Affected configurations

Nvd

Node

abbpanel_builder_800Match5.1

VendorProductVersionCPE
abbpanel_builder_8005.1cpe:2.3:a:abb:panel_builder_800:5.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
abb	panel_builder_800	5.1	cpe:2.3:a:abb:panel_builder_800:5.1:::::::*

References

ics-cert.us-cert.gov/advisories/ICSA-16-077-01

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:S/C:C/I:C/A:C

CVSS3

7.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

AI Score

6.9

Confidence

High

EPSS

Percentile

15.7%

JSON

Related for CVE-2016-2281