CVE-2014-0755

Sažetak

Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors.

Reference

http://ics-cert.us-cert.gov/advisories/ICSA-14-021-01
http://osvdb.org/102858
http://www.securityfocus.com/bid/65337
https://exchange.xforce.ibmcloud.com/vulnerabilities/90981

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

29-08-2017 - 01:34

Objavljeno

05-02-2014 - 05:15