CVE-2016-4510

EPSS 0.69%
Veröffentlicht 09.06.2016 10:59:03
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle ics-cert@hq.dhs.gov
CVE-Watchlists
Login
Unerledigt
Login

The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to bypass authentication and read arbitrary files via unspecified vectors.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Trihedral ≫ Vtscada Version10.1.05

Trihedral ≫ Vtscada Version10.1.06

Trihedral ≫ Vtscada Version10.1.07

Trihedral ≫ Vtscada Version10.1.12

Trihedral ≫ Vtscada Version10.0.11

Trihedral ≫ Vtscada Version10.0.13

Trihedral ≫ Vtscada Version10.0.14

Trihedral ≫ Vtscada Version10.0.16

Trihedral ≫ Vtscada Version10.0.17

Trihedral ≫ Vtscada Version11.1.05

Trihedral ≫ Vtscada Version11.1.06

Trihedral ≫ Vtscada Version11.1.09

Trihedral ≫ Vtscada Version11.1.10

Trihedral ≫ Vtscada Version11.1.13

Trihedral ≫ Vtscada Version11.1.14

Trihedral ≫ Vtscada Version11.1.15

Trihedral ≫ Vtscada Version11.1.16

Trihedral ≫ Vtscada Version11.1.17

Trihedral ≫ Vtscada Version11.1.18

Trihedral ≫ Vtscada Version11.1.19

Trihedral ≫ Vtscada Version11.1.20

Trihedral ≫ Vtscada Version11.1.21

Trihedral ≫ Vtscada Version11.1.22

Trihedral ≫ Vtscada Version11.1.24

Trihedral ≫ Vtscada Version8.0.05

Trihedral ≫ Vtscada Version8.0.12

Trihedral ≫ Vtscada Version8.0.16

Trihedral ≫ Vtscada Version8.0.18

Trihedral ≫ Vtscada Version8.1.05

Trihedral ≫ Vtscada Version8.1.06

Trihedral ≫ Vtscada Version10.2.05

Trihedral ≫ Vtscada Version10.2.07

Trihedral ≫ Vtscada Version10.2.08

Trihedral ≫ Vtscada Version10.2.11

Trihedral ≫ Vtscada Version10.2.13

Trihedral ≫ Vtscada Version10.2.14

Trihedral ≫ Vtscada Version10.2.15

Trihedral ≫ Vtscada Version10.2.17

Trihedral ≫ Vtscada Version10.2.19

Trihedral ≫ Vtscada Version10.2.20

Trihedral ≫ Vtscada Version10.2.21

Trihedral ≫ Vtscada Version10.2.22

Trihedral ≫ Vtscada Version9.0.02

Trihedral ≫ Vtscada Version9.0.03

Trihedral ≫ Vtscada Version9.0.08

Trihedral ≫ Vtscada Version9.1.02

Trihedral ≫ Vtscada Version9.1.03

Trihedral ≫ Vtscada Version9.1.05

Trihedral ≫ Vtscada Version9.1.09

Trihedral ≫ Vtscada Version9.1.11

Trihedral ≫ Vtscada Version9.1.14

Trihedral ≫ Vtscada Version9.1.20

Trihedral ≫ Vtscada Version11.0.05

Trihedral ≫ Vtscada Version11.0.07

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.69%	0.714

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.1	3.9	5.2	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:P/I:P/A:N

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://www.securityfocus.com/bid/91077

http://www.zerodayinitiative.com/advisories/ZDI-16-404

https://ics-cert.us-cert.gov/advisories/ICSA-16-159-01

Third Party Advisory

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2016-4510

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-4510

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-4510

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2016-4510