16 matches found
EUVD-2017-16878
Malware in sbrugna...
EUVD-2017-14264
Malware in sbrugna...
CVE-2017-7907
An Improper XML Parser Configuration issue was discovered in Schneider Electric Wonderware Historian Client 2014 R2 SP1 and prior. An improperly restricted XML parser with improper restriction of XML external entity reference, or XXE may allow an attacker to enter malicious input through the...
Xxe
An Improper XML Parser Configuration issue was discovered in Schneider Electric Wonderware Historian Client 2014 R2 SP1 and prior. An improperly restricted XML parser with improper restriction of XML external entity reference, or XXE may allow an attacker to enter malicious input through the...
CVE-2017-7907
An Improper XML Parser Configuration issue was discovered in Schneider Electric Wonderware Historian Client 2014 R2 SP1 and prior. An improperly restricted XML parser with improper restriction of XML external entity reference, or XXE may allow an attacker to enter malicious input through the...
CVE-2017-7907
CVE-2017-7907 concerns an XML External Entity (XXE) handling flaw in Schneider Electric Wonderware Historian Client (2014 R2 SP1 and earlier). The vulnerability stems from an improperly restricted XML parser, enabling a local attacker to feed malicious input through the affected application, pote...
Wonderware Historian Client Native XML External Entity Injection Vulnerability
Schneider Electric Wonderware Historian is the French Schneider Electric Schneider Electric company's set of high-speed data acquisition and storage systems and traditional relational database management system combined with industrial data management software. A local XML external entity injecti...
Schneider Electric Wonderware Historian Client
CVSS v3 6.6 ATTENTION: Low skill level to exploit. Vendor: Schneider Electric Equipment: Wonderware Historian Client Vulnerability: Improper XML Parser Configuration AFFECTED PRODUCTS The following versions of Wonderware Historian Client, an analysis and reporting software, are affected: Wonderwa...
Schneider Electric Wonderware Historian Unauthorized Access Vulnerability
Schneider Electric Wonderware Historian is the French Schneider Electric Schneider Electric company's set of high-speed data acquisition and storage systems and traditional relational database management system combined with industrial data management software. An unauthorized access vulnerabilit...
CVE-2017-5155
An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compromise Historian databases. In some installation scenarios, resources beyond those created by...
CVE-2017-5155
An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compromise Historian databases. In some installation scenarios, resources beyond those created by...
Default credentials
An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compromise Historian databases. In some installation scenarios, resources beyond those created by...
CVE-2017-5155
CVE-2017-5155 affects Schneider Electric Wonderware Historian (2014 R2 SP1 P01 and earlier). Root cause: historically created logins with default passwords can let a remote attacker compromise Historian databases and potentially SQL resources beyond. Impact: as described, unauthorized access and ...
CVE-2017-5155
An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compromise Historian databases. In some installation scenarios, resources beyond those created by...
Default Credentials Found in Schneider Electric Wonderware Historian
The Industrial Control System Cyber Emergency Response Team ICS-CERT on Tuesday published an advisory warning of a critical vulnerability in Schneider Electric Wonderware Historian, a platform used to capture, store and manage big data. The vulnerability, CVE-2017-5155, can be exploited to target...
Schneider Electric Wonderware Historian
CVSS V3 7.3 ATTENTION: Remotely exploitable/Low skill level to exploit Vendor: Schneider Electric Equipment: Wonderware Historian Vulnerability: Credentials Management AFFECTED PRODUCTS The following Wonderware Historian versions are affected: Wonderware Historian 2014 R2 SP1 P01 and earlier...