Lucene search

[email protected]NVD:CVE-2015-3940

HistoryAug 04, 2015 - 1:59 a.m.

CVE-2015-3940

2015-08-0401:59:00

CWE-22

[email protected]

web.nvd.nist.gov

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.5%

JSON

Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.

Affected configurations

NVD

Node

schneider-electricwonderware_system_platform_2014Matchr2

References

iom.invensys.com/EN/pdfLibrary/Security_Bulletin_LFSEC00000106.pdf

www.securityfocus.com/bid/75297

www.securitytracker.com/id/1033179

www.securitytracker.com/id/1033180

ics-cert.us-cert.gov/advisories/ICSA-15-169-02

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.5%

JSON

Related for NVD:CVE-2015-3940

ics1 cvelist1 cve1 prion1