Lucene search
HistoryDec 21, 2015 - 11:59 a.m.
CVE-2015-7937
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
8.3 High
AI Score
Confidence
Low
0.071 Low
EPSS
Percentile
94.0%
Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data.
Affected configurations
Node
schneider-electricbmxnoc0401Match-
ORschneider-electricbmxnoe0100Match-
ORschneider-electricbmxnoe0100hMatch-
ORschneider-electricbmxnoe0110Match-
ORschneider-electricbmxnoe0110hMatch-
ORschneider-electricbmxnor0200Match-
ORschneider-electricbmxnor0200hMatch-
ORschneider-electricbmxpra0100Match-
ORschneider-electricmodicon_m340_bmxp342020Match-
ORschneider-electricmodicon_m340_bmxp342020hMatch-
ORschneider-electricmodicon_m340_bmxp342030Match-
ORschneider-electricmodicon_m340_bmxp3420302Match-
ORschneider-electricmodicon_m340_bmxp3420302hMatch-
Related
ics
ics
Schneider Electric Modicon M340 Buffer Overflow Vulnerability
2018-08-27 12:00:00
openvas
openvas
Schneider Electric Modicon M340 Buffer Overflow Vulnerability
2017-02-09 00:00:00
prion
prion
Stack overflow
2015-12-21 11:59:00
cve
cve
CVE-2015-7937
2015-12-21 11:59:12
nessus
nessus
cvelist
cvelist
CVE-2015-7937
2015-12-21 11:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
8.3 High
AI Score
Confidence
Low
0.071 Low
EPSS
Percentile
94.0%
Related for NVD:CVE-2015-7937