CVE-2014-9196

EPSS 2.25%
Veröffentlicht 20.07.2015 01:59:01
Zuletzt bearbeitet 06.05.2026 22:30:45
Quelle ics-cert@hq.dhs.gov
CVE-Watchlists
Login
Unerledigt
Login

Eaton’s Cooper Power Series Form 6 Control and Idea/IdeaPlus Relays with Ethernet

Eaton Cooper Power Systems ProView 4.0 and 5.0 before 5.0 11 on Form 6 controls and Idea and IdeaPLUS relays generates TCP initial sequence number (ISN) values linearly, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 7

NVD 12 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Eaton ≫ Proview Version4.0

Eaton ≫ Proview Version5.0

Eaton ≫ Proview Version5.0.1

Eaton ≫ Proview Version5.0.2

Eaton ≫ Proview Version5.0.3

Eaton ≫ Proview Version5.0.4

Eaton ≫ Proview Version5.0.5

Eaton ≫ Proview Version5.0.6

Eaton ≫ Proview Version5.0.7

Eaton ≫ Proview Version5.0.8

Eaton ≫ Proview Version5.0.9

Eaton ≫ Proview Version5.0.10

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	2.25%	0.806

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C
ics-cert@hq.dhs.gov	7.6	4.9	10	AV:N/AC:H/Au:N/C:C/I:C/A:C

CWE-342 Predictable Exact Value from Previous Values

An exact value or random number can be precisely predicted by observing previous values.

http://www.securityfocus.com/bid/75936

https://ics-cert.us-cert.gov/advisories/ICSA-15-006-01

Third Party Advisory

US Government Resource

https://www.cisa.gov/news-events/ics-advisories/icsa-15-006-01

https://www.eaton.com/cybersecurity

https://nvd.nist.gov/vuln/detail/CVE-2014-9196

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-9196

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-9196

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2014-9196