Lucene search
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OT_500034.NASLHistoryNov 08, 2019 - 12:00 a.m.
Yokogawa Exaopc Improper Access Control
2019-11-0800:00:00
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
8
0.082 Low
EPSS
Percentile
94.4%
BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS 3000 through R3.09.50 and CENTUM VP through R4.03.00 and R5.x through R5.04.00, and Exaopc through R3.72.10, does not require authentication, which allows remote attackers to read arbitrary files via a RETR operation, write to arbitrary files via a STOR operation, or obtain sensitive database-location information via a PMODE operation, a different vulnerability than CVE-2014-0784.
File data ot_500034.nasl| Vendor | Product | Version | CPE |
|---|---|---|---|
| yokogawa | exaopc | * | cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:* |
| yokogawa | exaopc | - | cpe:2.3:h:yokogawa:exaopc:-:*:*:*:*:*:*:* |
| yokogawa | centum_cs_3000 | r3.01 | cpe:2.3:a:yokogawa:centum_cs_3000:r3.01:*:*:*:*:*:*:* |
| yokogawa | centum_cs_3000 | r3.02 | cpe:2.3:a:yokogawa:centum_cs_3000:r3.02:*:*:*:*:*:*:* |
| yokogawa | centum_cs_3000 | r3.03 | cpe:2.3:a:yokogawa:centum_cs_3000:r3.03:*:*:*:*:*:*:* |
| yokogawa | centum_cs_3000 | r3.04 | cpe:2.3:a:yokogawa:centum_cs_3000:r3.04:*:*:*:*:*:*:* |
| yokogawa | centum_cs_3000 | r3.05 | cpe:2.3:a:yokogawa:centum_cs_3000:r3.05:*:*:*:*:*:*:* |
| yokogawa | centum_cs_3000 | r3.06 | cpe:2.3:a:yokogawa:centum_cs_3000:r3.06:*:*:*:*:*:*:* |
| yokogawa | centum_cs_3000 | r3.07 | cpe:2.3:a:yokogawa:centum_cs_3000:r3.07:*:*:*:*:*:*:* |
| yokogawa | centum_cs_3000 | r3.08 | cpe:2.3:a:yokogawa:centum_cs_3000:r3.08:*:*:*:*:*:*:* |
Related
nessus
nessus
Yokogawa (CVE-2014-5208) (deprecated)
2022-02-07 00:00:00
nvd
nvd
CVE-2014-5208
2014-12-22 17:59:00
ics
ics
Yokogawa CENTUM and Exaopc Vulnerability (Update A)
2018-09-05 12:00:00
cvelist
cvelist
CVE-2014-5208
2014-12-22 17:00:00
cve
cve
CVE-2014-5208
2014-12-22 17:59:00
prion
prion
Authentication flaw
2014-12-22 17:59:00