CVE-2014-9196

{"id": "CVE-2014-9196", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-07-20T01:59:01.113", "references": [{"url": "http://www.securityfocus.com/bid/75936", "source": "ics-cert@hq.dhs.gov"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-006-01", "tags": ["Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-254"}]}], "descriptions": [{"lang": "en", "value": "Eaton Cooper Power Systems ProView 4.0 and 5.0 before 5.0 11 on Form 6 controls and Idea and IdeaPLUS relays generates TCP initial sequence number (ISN) values linearly, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value."}, {"lang": "es", "value": "'ulnerabilidad en Eaton Cooper Power Systems ProView en las versiones 4.0 y 5.0 anterior a la 5.0 11 Form 6 controles e Idea e IdeaPLUS relay genera un n\u00famero TCP inicial de secuencia (ISN) de valores lineales, lo que hace que sea m\u00e1s f\u00e1cil para los atacantes remotos falsificar las sesiones TCP al predecir un valor ISN."}], "lastModified": "2016-11-28T19:13:44.760", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:eaton:proview:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09E9D87B-D0F2-48DD-97F1-9CB5D7B319E8"}, {"criteria": "cpe:2.3:a:eaton:proview:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD294C06-DCE8-45B1-A59E-E45CB50CA089"}, {"criteria": "cpe:2.3:a:eaton:proview:5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91712733-5783-4B9A-8BD8-62A32229BC03"}, {"criteria": "cpe:2.3:a:eaton:proview:5.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDCAC23C-22B9-4862-A967-453812EEAA3F"}, {"criteria": "cpe:2.3:a:eaton:proview:5.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91DEAC57-6765-4470-963E-E9EC364657AF"}, {"criteria": "cpe:2.3:a:eaton:proview:5.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "955879A7-9F8F-47F2-B8F0-7D62AB69261D"}, {"criteria": "cpe:2.3:a:eaton:proview:5.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ADF48CE1-EC38-4F11-82D1-514C993AF1FA"}, {"criteria": "cpe:2.3:a:eaton:proview:5.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9705072-55EE-46E6-B124-8C7A20D6DC03"}, {"criteria": "cpe:2.3:a:eaton:proview:5.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04909702-7055-4822-BAB8-139EBF4E409C"}, {"criteria": "cpe:2.3:a:eaton:proview:5.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7484B7D1-D109-4E5E-B26F-4FEB88E68EB1"}, {"criteria": "cpe:2.3:a:eaton:proview:5.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E64750AD-BAA4-4837-BA51-87019A585C91"}, {"criteria": "cpe:2.3:a:eaton:proview:5.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BFA9727-CBCA-45BC-B4BA-0B5730C05450"}], "operator": "OR"}]}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}