Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0780

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2014-0780
Last Modified 24 Jul 2015 02:35:00
Published 25 Apr 2014 01:12:07
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-0780

Summary

Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 7.1 before SP2 Patch 4 allows remote attackers to read administrative passwords in APP files, and consequently execute arbitrary code, via unspecified web requests.

Vulnerable Systems

Application

  • Indusoft Web Studio 7.1


References

MISC - http://ics-cert.us-cert.gov/advisories/ICSA-14-107-02

BID - 67056


Last Updated: 27 May 2016 11:05:06