6.3
CVE-2016-5787
- EPSS 0.09%
- Published 15.07.2016 16:59:11
- Last modified 12.04.2025 10:46:40
- Source ics-cert@hq.dhs.gov
- Teams watchlist Login
- Open Login
General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors.
Data is provided by the National Vulnerability Database (NVD)
Ge ≫ Cimplicity Version < 8.2
Ge ≫ Cimplicity Version8.2 Updatesim1
Ge ≫ Cimplicity Version8.2 Updatesim10
Ge ≫ Cimplicity Version8.2 Updatesim11
Ge ≫ Cimplicity Version8.2 Updatesim12
Ge ≫ Cimplicity Version8.2 Updatesim13
Ge ≫ Cimplicity Version8.2 Updatesim14
Ge ≫ Cimplicity Version8.2 Updatesim15
Ge ≫ Cimplicity Version8.2 Updatesim16
Ge ≫ Cimplicity Version8.2 Updatesim17
Ge ≫ Cimplicity Version8.2 Updatesim18
Ge ≫ Cimplicity Version8.2 Updatesim19
Ge ≫ Cimplicity Version8.2 Updatesim2
Ge ≫ Cimplicity Version8.2 Updatesim20
Ge ≫ Cimplicity Version8.2 Updatesim21
Ge ≫ Cimplicity Version8.2 Updatesim22
Ge ≫ Cimplicity Version8.2 Updatesim23
Ge ≫ Cimplicity Version8.2 Updatesim24
Ge ≫ Cimplicity Version8.2 Updatesim25
Ge ≫ Cimplicity Version8.2 Updatesim26
Ge ≫ Cimplicity Version8.2 Updatesim3
Ge ≫ Cimplicity Version8.2 Updatesim4
Ge ≫ Cimplicity Version8.2 Updatesim5
Ge ≫ Cimplicity Version8.2 Updatesim6
Ge ≫ Cimplicity Version8.2 Updatesim7
Ge ≫ Cimplicity Version8.2 Updatesim8
Ge ≫ Cimplicity Version8.2 Updatesim9
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.09% | 0.236 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.3 | 2 | 3.7 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
|
| nvd@nist.gov | 4.6 | 3.9 | 6.4 |
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
CWE-668 Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.