Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0228

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-0228
Last Modified 05 Dec 2012 11:15:29
Published 02 Apr 2012 04:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-0228

Summary

Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors.

Vulnerable Systems

Application

  • Invensys Wonderware Information Server 4.0

  • Invensys Wonderware Information Server 4.5


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf

SECUNIA - 48603


Last Updated: 27 May 2016 11:01:26