Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistSchneiderCVELIST:CVE-2019-6854
HistoryJan 06, 2020 - 10:56 p.m.

CVE-2019-6854

2020-01-0622:56:53
CWE-287
schneider
www.cve.org

0.0005 Low

EPSS

Percentile

17.2%

JSON

A CWE-287: Improper Authentication vulnerability exists in a folder within EcoStruxure Geo SCADA Expert (ClearSCADA) -with initial releases before 1 January 2019- which could cause a low privilege user to delete or modify database, setting or certificate files. Those users must have access to the file system of that operating system to exploit this vulnerability. Affected versions in current support includes ClearSCADA 2017 R3, ClearSCADA 2017 R2, and ClearSCADA 2017.

CNA Affected

[
  {
    "product": "EcoStruxure Geo SCADA Expert (ClearSCADA) with initial releases before 1 January 2019 (see notification for more details)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "EcoStruxure Geo SCADA Expert (ClearSCADA) with initial releases before 1 January 2019 (see notification for more details)"
      }
    ]
  }
]

Related

cve 1
prion 1
nvd 1
cve
cve
CVE-2019-6854
2020-01-06 23:15:11
prion
prion
Authentication flaw
2020-01-06 23:15:00
nvd
nvd
CVE-2019-6854
2020-01-06 23:15:11

0.0005 Low

EPSS

Percentile

17.2%

JSON
Related for CVELIST:CVE-2019-6854
cve1prion1nvd1