Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4036

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-4036
Last Modified 02 Dec 2011 12:00:00
Published 02 Dec 2011 06:55:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-4036

Summary

Directory traversal vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier allows remote attackers to read arbitrary files via unspecified vectors.

Vulnerable Systems

Application

  • Schneider-electric Citecthistorian 4.20

  • Schneider-electric Citecthistorian 4.30

  • Schneider-electric Citectscada Reports 4.0

  • Schneider-electric Citectscada Reports 4.10

  • Schneider-electric Vijeo Historian 4.0

  • Schneider-electric Vijeo Historian 4.10

  • Schneider-electric Vijeo Historian 4.20

  • Schneider-electric Vijeo Historian 4.30


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf

CONFIRM - http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page

CONFIRM - http://www.citect.com/index.php?option=com_content&view=article&id=1656&Itemid=1695


Last Updated: 27 May 2016 10:57:48