CVSS2: 7.5 High (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

EPSS: 0.371 Low
Percentile: 97.2%

The remote host is running a version of Cogent DataHub, formerly known as Cascade DataHub and OFC DataHub, that is prior to 7.3.5. It is, therefore, affected by the following vulnerabilities:

- A directory traversal vulnerability exists due to improper validation of user-supplied input to the directory specifier. A remote attacker can exploit this to access hard-coded files. (CVE-2014-2352)
- A cross-site scripting vulnerability exists due to improper validation of user-supplied input. An attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user’s browser session. (CVE-2014-2353)
- An overflow condition exists in the web server due to improper validation of user-supplied input when handling a negative content-length field. A remote attacker can exploit this to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2014-3788)
- A command injection vulnerability exists in the ‘GetPermissions.asp’ active server page in the EvalExpression method due to improper sanitization of user-supplied input. A remote attacker can exploit this to execute arbitrary commands in the context of the DataHub process. (CVE-2014-3789)
- Multiple vulnerabilities exist related to the bundled OpenSSL 1.0.0d library.

Binary data scada_cogent_datahub_7_3_5.nbin
Vendor | Product | Version | CPE |
---|---|---|---|
cogentdatahub | cogent_datahub | | cpe:/a:cogentdatahub:cogent_datahub |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2352
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2353
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3788
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3789
www.zerodayinitiative.com/advisories/ZDI-14-135/
www.zerodayinitiative.com/advisories/ZDI-14-136/