Lucene search
HistoryMay 09, 2013 - 12:31 p.m.
CVE-2013-0685
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.9 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
71.3%
Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal does not restrict unspecified size and amount values, which allows remote attackers to execute arbitrary code or cause a denial of service (resource consumption) via unknown vectors.
Affected configurations
Node
invensyswonderware_information_serverMatch4.0sp1sp1
ORinvensyswonderware_information_serverMatch4.5-portal
ORinvensyswonderware_information_serverMatch5.0-portal
Related
prion
prion
Code injection
2013-05-09 12:31:00
cve
cve
CVE-2013-0685
2022-10-03 16:15:05
ptsecurity
ptsecurity
PT-2013-40: Resource Exhaustion in Wonderware Information Server
2012-12-16 00:00:00
cvelist
cvelist
CVE-2013-0685
2022-10-03 16:15:05
ics
ics
Wonderware Information Server Vulnerabilities
2013-08-01 12:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.9 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
71.3%
Related for NVD:CVE-2013-0685