4 results (0.011 seconds)

CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0

Directory traversal vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier allows remote attackers to read arbitrary files via unspecified vectors. Vulnerabilidad de salto de directorio en Schneider Electric Vijeo Historian v4.30 y anteriores, CitectHistorian v4.30 y anteriores, y CitectSCADAReports v4.10 y anteriores permite a atacantes remotos leer ficheros arbitrarios a través de vectores no especificados. • http://www.citect.com/index.php?option=com_content&view=article&id=1656&Itemid=1695 http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.3EPSS: 39%CPEs: 8EXPL: 0

Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors. Desbordamiento de búfer en el control ActiveX TeeChart Steema, tal como se utiliza en Schneider Electric Vijeo Historian v4.30 y anteriores, CitectHistorian v4.30 y anteriores, y CitectSCADAReports v4.10 y anteriores, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio a través de vectores no especificados. • http://www.citect.com/index.php?option=com_content&view=article&id=1656&Itemid=1695 http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0

Cross-site scripting (XSS) vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Schneider Electric Vijeo Historian v4.30 y anteriores, CitectHistorian v4.30 y anteriores, y CitectSCADAReports v4.10 y anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://www.citect.com/index.php?option=com_content&view=article&id=1656&Itemid=1695 http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/71503 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0

Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to cause a denial of service via unspecified vectors. Desbordamiento de búfer en el control ActiveX TeeChart Steema, tal como se utiliza en Schneider Electric Vijeo Historian v4.30 y anteriores, CitectHistorian v4.30 y anteriores, y CitectSCADAReports v4.10 y anteriores, permite a atacantes remotos provocar una denegación de servicio a través de vectores no especificados. • http://www.citect.com/index.php?option=com_content&view=article&id=1656&Itemid=1695 http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •