Lucene search
HistoryJul 24, 2014 - 2:55 p.m.
CVE-2014-2717
CVSS2
7.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
AI Score
7
Confidence
Low
EPSS
0.003
Percentile
70.6%
Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to bypass authentication and obtain administrative access by visiting the change-password page.
Affected configurations
Node
honeywellfalcon_xlweb_linux_controllerRange≤2.04.01
ORhoneywellfalcon_xlweb_xlwebexeRange≤2.02.11
| Vendor | Product | Version | CPE |
|---|---|---|---|
| honeywell | falcon_xlweb_linux_controller | * | cpe:2.3:h:honeywell:falcon_xlweb_linux_controller:*:*:*:*:*:*:*:* |
| honeywell | falcon_xlweb_xlwebexe | * | cpe:2.3:h:honeywell:falcon_xlweb_xlwebexe:*:*:*:*:*:*:*:* |
Related
prion
prion
Authentication flaw
2014-07-24 14:55:00
cvelist
cvelist
CVE-2014-2717
2014-07-24 14:00:00
cve
cve
CVE-2014-2717
2014-07-24 14:55:07
nessus
nessus
Honeywell FALCON XL Web Controller Multiple Vulnerabilities
2014-08-25 00:00:00
ics
ics
Honeywell FALCON XLWeb Controllers Vulnerabilities
2018-09-06 12:00:00
packetstorm
packetstorm
Honeywell XLWEB SCADA Path Traversal
2015-04-23 00:00:00
CVSS2
7.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
AI Score
7
Confidence
Low
EPSS
0.003
Percentile
70.6%
Related for NVD:CVE-2014-2717