CVE-2014-9196
Severity Score
9.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Eaton Cooper Power Systems ProView 4.0 and 5.0 before 5.0 11 on Form 6 controls and Idea and IdeaPLUS relays generates TCP initial sequence number (ISN) values linearly, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.
'ulnerabilidad en Eaton Cooper Power Systems ProView en las versiones 4.0 y 5.0 anterior a la 5.0 11 Form 6 controles e Idea e IdeaPLUS relay genera un número TCP inicial de secuencia (ISN) de valores lineales, lo que hace que sea más fácil para los atacantes remotos falsificar las sesiones TCP al predecir un valor ISN.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2014-12-02 CVE Reserved
- 2015-07-20 CVE Published
- 2023-05-11 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-254: 7PK - Security Features
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/75936 | Vdb Entry | |
| https://ics-cert.us-cert.gov/advisories/ICSA-15-006-01 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Eaton Search vendor "Eaton" | Proview Search vendor "Eaton" for product "Proview" | 4.0 Search vendor "Eaton" for product "Proview" and version "4.0" | - |
Affected
| ||||||
| Eaton Search vendor "Eaton" | Proview Search vendor "Eaton" for product "Proview" | 5.0 Search vendor "Eaton" for product "Proview" and version "5.0" | - |
Affected
| ||||||
| Eaton Search vendor "Eaton" | Proview Search vendor "Eaton" for product "Proview" | 5.0.1 Search vendor "Eaton" for product "Proview" and version "5.0.1" | - |
Affected
| ||||||
| Eaton Search vendor "Eaton" | Proview Search vendor "Eaton" for product "Proview" | 5.0.2 Search vendor "Eaton" for product "Proview" and version "5.0.2" | - |
Affected
| ||||||
| Eaton Search vendor "Eaton" | Proview Search vendor "Eaton" for product "Proview" | 5.0.3 Search vendor "Eaton" for product "Proview" and version "5.0.3" | - |
Affected
| ||||||
| Eaton Search vendor "Eaton" | Proview Search vendor "Eaton" for product "Proview" | 5.0.4 Search vendor "Eaton" for product "Proview" and version "5.0.4" | - |
Affected
| ||||||
| Eaton Search vendor "Eaton" | Proview Search vendor "Eaton" for product "Proview" | 5.0.5 Search vendor "Eaton" for product "Proview" and version "5.0.5" | - |
Affected
| ||||||
| Eaton Search vendor "Eaton" | Proview Search vendor "Eaton" for product "Proview" | 5.0.6 Search vendor "Eaton" for product "Proview" and version "5.0.6" | - |
Affected
| ||||||
| Eaton Search vendor "Eaton" | Proview Search vendor "Eaton" for product "Proview" | 5.0.7 Search vendor "Eaton" for product "Proview" and version "5.0.7" | - |
Affected
| ||||||
| Eaton Search vendor "Eaton" | Proview Search vendor "Eaton" for product "Proview" | 5.0.8 Search vendor "Eaton" for product "Proview" and version "5.0.8" | - |
Affected
| ||||||
| Eaton Search vendor "Eaton" | Proview Search vendor "Eaton" for product "Proview" | 5.0.9 Search vendor "Eaton" for product "Proview" and version "5.0.9" | - |
Affected
| ||||||
| Eaton Search vendor "Eaton" | Proview Search vendor "Eaton" for product "Proview" | 5.0.10 Search vendor "Eaton" for product "Proview" and version "5.0.10" | - |
Affected
| ||||||