CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
74.9%
The Portal installation process in GE Intelligent Platforms Proficy Real-Time Information Portal stores sensitive information under the web root with insufficient access control, which allows remote attackers to read configuration files, and discover data-source credentials, via a direct request.
Vendor | Product | Version | CPE |
---|---|---|---|
ge | intelligent_platforms_proficy_real-time_information_portal | - | cpe:2.3:a:ge:intelligent_platforms_proficy_real-time_information_portal:-:*:*:*:*:*:*:* |
ge | intelligent_platforms_proficy_real-time_information_portal | 2.6 | cpe:2.3:a:ge:intelligent_platforms_proficy_real-time_information_portal:2.6:*:*:*:*:*:*:* |
ge | intelligent_platforms_proficy_real-time_information_portal | 3.0 | cpe:2.3:a:ge:intelligent_platforms_proficy_real-time_information_portal:3.0:*:*:*:*:*:*:* |
ge | intelligent_platforms_proficy_real-time_information_portal | 3.0 | cpe:2.3:a:ge:intelligent_platforms_proficy_real-time_information_portal:3.0:sp1:*:*:*:*:*:* |
ge | intelligent_platforms_proficy_real-time_information_portal | 3.5 | cpe:2.3:a:ge:intelligent_platforms_proficy_real-time_information_portal:3.5:*:*:*:*:*:*:* |
ge | intelligent_platforms_proficy_real-time_information_portal | 3.5 | cpe:2.3:a:ge:intelligent_platforms_proficy_real-time_information_portal:3.5:sp1:*:*:*:*:*:* |