CVE-2015-0984

2015-03-3101:59:36

CWE-22

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0.015

Percentile

87.1%

JSON

Directory traversal vulnerability in the FTP server on Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/O, XL1000C1000 600 I/O, XL1000C50U 52 I/O UUKL, XL1000C100U 104 I/O UUKL, XL1000C500U 300 I/O UUKL, and XL1000C1000U 600 I/O UUKL controllers before 2.04.01 allows remote attackers to read files under the web root, and consequently obtain administrative login access, via a crafted pathname.

Affected configurations

Nvd

Node

honeywellexcel_web_xl_1000c100_104_i\/oRange≤2.04.00

honeywellexcel_web_xl_1000c1000_600_i\/oRange≤2.04.00

honeywellexcel_web_xl_1000c1000_600_i\/o_uuklRange≤2.04.00

honeywellexcel_web_xl_1000c100u_104_i\/o_uuklRange≤2.04.00

honeywellexcel_web_xl_1000c50_52_i\/oRange≤2.04.00

honeywellexcel_web_xl_1000c500_300_i\/oRange≤2.04.00

honeywellexcel_web_xl_1000c500_300_i\/o_uuklRange≤2.04.00

honeywellexcel_web_xl_1000c50u_52_i\/o_uuklRange≤2.04.00

VendorProductVersionCPE
honeywellexcel_web_xl_1000c100_104_i\/o*cpe:2.3:o:honeywell:excel_web_xl_1000c100_104_i\/o:*:*:*:*:*:*:*:*
honeywellexcel_web_xl_1000c1000_600_i\/o*cpe:2.3:o:honeywell:excel_web_xl_1000c1000_600_i\/o:*:*:*:*:*:*:*:*
honeywellexcel_web_xl_1000c1000_600_i\/o_uukl*cpe:2.3:o:honeywell:excel_web_xl_1000c1000_600_i\/o_uukl:*:*:*:*:*:*:*:*
honeywellexcel_web_xl_1000c100u_104_i\/o_uukl*cpe:2.3:o:honeywell:excel_web_xl_1000c100u_104_i\/o_uukl:*:*:*:*:*:*:*:*
honeywellexcel_web_xl_1000c50_52_i\/o*cpe:2.3:o:honeywell:excel_web_xl_1000c50_52_i\/o:*:*:*:*:*:*:*:*
honeywellexcel_web_xl_1000c500_300_i\/o*cpe:2.3:o:honeywell:excel_web_xl_1000c500_300_i\/o:*:*:*:*:*:*:*:*
honeywellexcel_web_xl_1000c500_300_i\/o_uukl*cpe:2.3:o:honeywell:excel_web_xl_1000c500_300_i\/o_uukl:*:*:*:*:*:*:*:*
honeywellexcel_web_xl_1000c50u_52_i\/o_uukl*cpe:2.3:o:honeywell:excel_web_xl_1000c50u_52_i\/o_uukl:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
honeywell	excel_web_xl_1000c100_104_i\/o	*	cpe:2.3:o:honeywell:excel_web_xl_1000c100_104_i\/o::::::::
honeywell	excel_web_xl_1000c1000_600_i\/o	*	cpe:2.3:o:honeywell:excel_web_xl_1000c1000_600_i\/o::::::::
honeywell	excel_web_xl_1000c1000_600_i\/o_uukl	*	cpe:2.3:o:honeywell:excel_web_xl_1000c1000_600_i\/o_uukl::::::::
honeywell	excel_web_xl_1000c100u_104_i\/o_uukl	*	cpe:2.3:o:honeywell:excel_web_xl_1000c100u_104_i\/o_uukl::::::::
honeywell	excel_web_xl_1000c50_52_i\/o	*	cpe:2.3:o:honeywell:excel_web_xl_1000c50_52_i\/o::::::::
honeywell	excel_web_xl_1000c500_300_i\/o	*	cpe:2.3:o:honeywell:excel_web_xl_1000c500_300_i\/o::::::::
honeywell	excel_web_xl_1000c500_300_i\/o_uukl	*	cpe:2.3:o:honeywell:excel_web_xl_1000c500_300_i\/o_uukl::::::::
honeywell	excel_web_xl_1000c50u_52_i\/o_uukl	*	cpe:2.3:o:honeywell:excel_web_xl_1000c50u_52_i\/o_uukl::::::::