Lucene search

[email protected]CVE-2016-2306

HistoryApr 22, 2016 - 12:59 a.m.

CVE-2016-2306

2016-04-2200:59:07

CWE-310

[email protected]

web.nvd.nist.gov

cve-2016-2306

hmi web server

ecava integraxor

remote attackers

sensitive information

cleartext

network sniffing

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.3 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.8%

JSON

The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive cleartext information by sniffing the network.

Affected configurations

NVD

Node

ecavaintegraxorRange≤4.2.4502

CPENameOperatorVersion
ecava:integraxorecava integraxorle4.2.4502

CPE	Name	Operator	Version
ecava:integraxor	ecava integraxor	le	4.2.4502

References

ics-cert.us-cert.gov/advisories/ICSA-16-105-03

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.3 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.8%

JSON

Related for CVE-2016-2306

cvelist1 nvd1 prion1 ics1 openvas1