Lucene search

[email protected]NVD:CVE-2012-4689

HistoryJan 17, 2013 - 4:55 p.m.

CVE-2012-4689

2013-01-1716:55:01

CWE-189

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.3%

JSON

Integer overflow in CimWebServer.exe in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to cause a denial of service (daemon crash) via a malformed HTTP request.

Affected configurations

NVD

Node

geintelligent_platforms_proficy_hmi\/scada_cimplicityMatch4.01

geintelligent_platforms_proficy_hmi\/scada_cimplicityMatch7.5

geintelligent_platforms_proficy_hmi\/scada_cimplicityMatch8.0

Node

geintelligent_platforms_proficy_process_systems_with_cimplicityMatch-

AND

geintelligent_platforms_proficy_process_systemsMatch-

References

support.ge-ip.com/support/index?page=kbchannel&id=S:KB15153

www.us-cert.gov/control_systems/pdf/ICSA-12-341-01.pdf

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.3%

JSON

Related for NVD:CVE-2012-4689

ics1 prion1 cve1 cvelist1