Lucene search
HistoryNov 04, 2014 - 2:55 a.m.
CVE-2014-4311
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.4
Confidence
Low
EPSS
0.003
Percentile
65.7%
Epicor Enterprise 7.4 before FS74SP6_HotfixTL054181 allows attackers to obtain the (1) Database Connection and (2) E-mail Connection passwords by reading HTML source code of the database connection and email settings page.
Affected configurations
Node
epicorepicor_enterpriseRange≤7.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| epicor | epicor_enterprise | * | cpe:2.3:a:epicor:epicor_enterprise:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2014-4311
2014-11-04 02:00:00
cve
cve
CVE-2014-4311
2014-11-04 02:55:10
prion
prion
Code injection
2014-11-04 02:55:00
seebug
seebug
Epicor Enterprise 7.4 - Multiple Vulnerabilities
2014-10-10 00:00:00
exploitpack
exploitpack
Epicor Enterprise 7.4 - Multiple Vulnerabilities
2014-10-02 00:00:00
packetstorm
packetstorm
Epicor Password Disclosure / Cross Site Scripting
2014-10-01 00:00:00
zdt
zdt
Epicor Enterprise 7.4 - Multiple Vulnerabilities
2014-10-02 00:00:00
exploitdb
exploitdb
Epicor Enterprise 7.4 - Multiple Vulnerabilities
2014-10-02 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.4
Confidence
Low
EPSS
0.003
Percentile
65.7%
Related for NVD:CVE-2014-4311