Lucene search
+L
AvevaClearscada

9 matches found

CVE
CVE
added 2014/03/14 10:0 a.m.71 views

CVE-2014-0779

The CVE-2014-0779 issue affects the Kepware KepServerEX V4 PLC Driver in the ServerMain.exe component of Schneider Electric StruxureWare SCADA Expert ClearSCADA, impacting multiple release/build combos listed in the NVD entry (2010 R2, 2010 R2.1, 2010 R3, 2010 R3.1, 2013 R1, 2013 R1.1, 2013 R1.1a...

6.8CVSS6.7AI score0.01487EPSS
CVE
CVE
added 2014/09/18 10:0 a.m.58 views

CVE-2014-5412

Schneider Electric SCADA Expert ClearSCADA/ ClearSCADA (2010 R3 through 2014 R1) contains an authentication bypass via the default guest account, enabling remote disclosure of database records. Root cause: guest user’s read access exposes sensitive data without login. Affected products/versions: ...

6.4CVSS6.7AI score0.01572EPSS
CVE
CVE
added 2011/08/16 9:0 p.m.57 views

CVE-2011-3144

CVE-2011-3144 is an XSS vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 up to R2.3 and R1.4, used with SCX up to 67 R4.5 and 68 R3.9. Remote attackers can inject arbitrary web script/HTML via unspecified vectors. Affected components and exact vectors are not detailed in the ...

4.3CVSS5.9AI score0.01864EPSS
CVE
CVE
added 2014/09/18 10:0 a.m.53 views

CVE-2014-5413

CVE-2014-5413 affects Schneider Electric StruxureWare SCADA Expert ClearSCADA (2010 R3 through 2014 R1). The root issue is weak cryptographic controls: the self-signed web certificate uses MD5, enabling potential cryptographic spoofing of servers. Additionally, ICS-CERT describes a cross-site scr...

6.4CVSS6.7AI score0.01028EPSS
CVE
CVE
added 2018/05/14 2:0 p.m.53 views

CVE-2017-6021

The CVE-2017-6021 issue affects Schneider Electric ClearSCADA server and communications driver processes. Affected versions include 2014 R1 (build 75.5210) and prior, 2014 R1.1 (75.5387) and prior, 2015 R1 (76.5648) and prior, and 2015 R2 (77.5882) and prior. The root cause is improper input vali...

7.5CVSS7.6AI score0.01711EPSS
CVE
CVE
added 2014/01/15 3:0 p.m.49 views

CVE-2013-6142

Summary (MODE C): Schneider Electric ClearSCADA/SCADA Expert ClearSCADA 2010 R2–R3.x and 2013 R1–R1.2 are affected by CVE-2013-6142, an uncontrolled resource consumption vulnerability in the DNP3 driver (DNP3Driver.exe). Specially crafted IP frames can trigger event journal flooding, potentially ...

4.3CVSS6.8AI score0.01164EPSS
CVE
CVE
added 2011/08/16 9:0 p.m.48 views

CVE-2011-3143

CVE-2011-3143 is a use-after-free in Control Microsystems ClearSCADA 2005/2007/2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9. The vulnerability allows remote attackers to trigger heap memory corruption via unspecified long strings, causing a denial of service crash and pote...

10CVSS8.1AI score0.05985EPSS
CVE
CVE
added 2014/09/18 10:0 a.m.47 views

CVE-2014-5411

Schneider Electric SCADA Expert ClearSCADA (ClearSCADA 2010 R3 through 2014 R1; SCADA Expert ClearSCADA 2013/2014 R1 variants) is affected by CVE-2014-5411, a cross-site scripting (XSS) vulnerability combined with an authentication bypass and a weak MD5-based self-signed certificate issue. The IC...

4.9CVSS5.4AI score0.01287EPSS
CVE
CVE
added 2017/09/25 7:0 p.m.44 views

CVE-2017-9962

CVE-2017-9962 affects Schneider Electric ClearSCADA; versions released before August 2017 are vulnerable to a memory allocation issue triggered by malformed requests to ClearSCADA client applications, including ViewX and the Server Icon. The underlying cause and affected components are described ...

7.5CVSS7.4AI score0.01034EPSS