CVE-2014-9197

The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde.jar under the web root with insufficient access control, which allows remote attackers to obtain sensitive setup and configuration information via a direct request.

CVSS v2.0 7.8 HIGH

7.8^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:N/A:N

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://ics-cert.us-cert.gov/advisories/ICSA-15-020-02	Patch US Government Resource

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:schneider-electric:etg3000_factorycast_hmi_gateway_firmware:1.60.2:*:*:*:*:*:*:*

OR	cpe:2.3:h:schneider-electric:tsxetg3000:-:::::::*
	cpe:2.3:h:schneider-electric:tsxetg3010:-:::::::*
	cpe:2.3:h:schneider-electric:tsxetg3021:-:::::::*
	cpe:2.3:h:schneider-electric:tsxetg3022:-:::::::*

History

No history.

Information

Published : 2015-01-27 19:59

Updated : 2015-01-28 18:52

NVD link : CVE-2014-9197

Mitre link : CVE-2014-9197

CVE.ORG link : CVE-2014-9197

JSON object : View

Products Affected

schneider-electric

tsxetg3000
tsxetg3010
tsxetg3021
tsxetg3022
etg3000_factorycast_hmi_gateway_firmware

CWE

CWE-284

Improper Access Control

{"id": "CVE-2014-9197", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-01-27T19:59:00.040", "references": [{"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-020-02", "tags": ["Patch", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde.jar under the web root with insufficient access control, which allows remote attackers to obtain sensitive setup and configuration information via a direct request."}, {"lang": "es", "value": "Schneider Electric ETG3000 FactoryCast HMI Gateway con firmware anterior a 1.60 IR 04 almacena rde.jar bajo el root web sin suficiente control de acceso, lo que permite a atacantes remotos obtener informaci\u00f3n sensible de la instalaci\u00f3n y la configuraci\u00f3n a trav\u00e9s de una solicitud directa."}], "lastModified": "2015-01-28T18:52:02.290", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:etg3000_factorycast_hmi_gateway_firmware:1.60.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88278ADF-FD66-4110-80F2-059D98B5D740"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:tsxetg3000:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46D2618A-486E-4055-BAFD-81F82C6B3D2A"}, {"criteria": "cpe:2.3:h:schneider-electric:tsxetg3010:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55B765EF-1FA4-4994-AE8C-E11BF4F9B95E"}, {"criteria": "cpe:2.3:h:schneider-electric:tsxetg3021:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB5F2A27-898A-4F8F-BAD5-FA64370A6B98"}, {"criteria": "cpe:2.3:h:schneider-electric:tsxetg3022:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D483984-53F3-4972-9F6D-9446C06891D5"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}