Vulnerability-Lookup

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

Full-Text Search

Vendor

Product

Assigner

Sources

Sort by

Order

Apply ordering (override relevance)

CVE-2019-10993 (GCVE-0-2019-10993)

Vulnerability from cvelistv5 – Published: 2019-06-28 20:52 – Updated: 2024-08-04 22:40

Summary

In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulnerabilities may allow a remote attacker to execute arbitrary code.

Severity ?

No CVSS data available.

CWE

Other

Assigner

icscert

References

URL

Tags

	https://www.us-cert.gov/ics/advisories/icsa-19-178-05	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	WebAccess	WebAccess/SCADA	Affected: Versions 8.3.5 and prior

Date Public ?

2019-06-27 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:15.647Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-617/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-612/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-602/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-606/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-603/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-605/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-623/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-597/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-618/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-611/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-601/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-616/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-607/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-614/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-615/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-613/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-598/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WebAccess/SCADA",
          "vendor": "WebAccess",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 8.3.5 and prior"
            }
          ]
        }
      ],
      "datePublic": "2019-06-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulnerabilities may allow a remote attacker to execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Other",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-02T16:06:10.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-617/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-612/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-602/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-606/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-603/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-605/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-623/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-597/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-618/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-611/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-601/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-616/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-607/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-614/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-615/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-613/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-598/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2019-10993",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WebAccess/SCADA",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Versions 8.3.5 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "WebAccess"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulnerabilities may allow a remote attacker to execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-617/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-617/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-612/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-612/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-602/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-602/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-606/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-606/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-603/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-603/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-605/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-605/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-623/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-623/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-597/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-597/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-618/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-618/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-611/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-611/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-601/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-601/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-616/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-616/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-607/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-607/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-614/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-614/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-615/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-615/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-613/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-613/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-598/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-598/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2019-10993",
    "datePublished": "2019-06-28T20:52:48.000Z",
    "dateReserved": "2019-04-08T00:00:00.000Z",
    "dateUpdated": "2024-08-04T22:40:15.647Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-10987 (GCVE-0-2019-10987)

Vulnerability from cvelistv5 – Published: 2019-06-28 20:49 – Updated: 2024-08-04 22:40

Summary

In WebAccess/SCADA Versions 8.3.5 and prior, multiple out-of-bounds write vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution.

Severity ?

No CVSS data available.

CWE

Other

Assigner

icscert

References

URL

Tags

	https://www.us-cert.gov/ics/advisories/icsa-19-178-05	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	WebAccess	WebAccess/SCADA	Affected: Versions 8.3.5 and prior

Date Public ?

2019-06-27 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:15.688Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-584/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-587/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WebAccess/SCADA",
          "vendor": "WebAccess",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 8.3.5 and prior"
            }
          ]
        }
      ],
      "datePublic": "2019-06-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In WebAccess/SCADA Versions 8.3.5 and prior, multiple out-of-bounds write vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Other",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-02T16:06:08.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-584/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-587/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2019-10987",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WebAccess/SCADA",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Versions 8.3.5 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "WebAccess"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In WebAccess/SCADA Versions 8.3.5 and prior, multiple out-of-bounds write vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-584/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-584/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-587/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-587/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2019-10987",
    "datePublished": "2019-06-28T20:49:28.000Z",
    "dateReserved": "2019-04-08T00:00:00.000Z",
    "dateUpdated": "2024-08-04T22:40:15.688Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-10983 (GCVE-0-2019-10983)

Vulnerability from cvelistv5 – Published: 2019-06-28 20:38 – Updated: 2024-08-04 22:40

Summary

In WebAccess/SCADA Versions 8.3.5 and prior, an out-of-bounds read vulnerability is caused by a lack of proper validation of user-supplied data. Exploitation of this vulnerability may allow disclosure of information.

Severity ?

No CVSS data available.

CWE

Other

Assigner

icscert

References

URL

Tags

	https://www.us-cert.gov/ics/advisories/icsa-19-178-05	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	WebAccess	WebAccess/SCADA	Affected: Versions 8.3.5 and prior

Date Public ?

2019-06-27 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:15.527Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-621/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WebAccess/SCADA",
          "vendor": "WebAccess",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 8.3.5 and prior"
            }
          ]
        }
      ],
      "datePublic": "2019-06-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In WebAccess/SCADA Versions 8.3.5 and prior, an out-of-bounds read vulnerability is caused by a lack of proper validation of user-supplied data. Exploitation of this vulnerability may allow disclosure of information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Other",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-02T16:06:06.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-621/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2019-10983",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WebAccess/SCADA",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Versions 8.3.5 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "WebAccess"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In WebAccess/SCADA Versions 8.3.5 and prior, an out-of-bounds read vulnerability is caused by a lack of proper validation of user-supplied data. Exploitation of this vulnerability may allow disclosure of information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-621/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-621/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2019-10983",
    "datePublished": "2019-06-28T20:38:08.000Z",
    "dateReserved": "2019-04-08T00:00:00.000Z",
    "dateUpdated": "2024-08-04T22:40:15.527Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-10989 (GCVE-0-2019-10989)

Vulnerability from cvelistv5 – Published: 2019-06-28 20:31 – Updated: 2024-08-04 22:40

Summary

In WebAccess/SCADA Versions 8.3.5 and prior, multiple heap-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. Note: A different vulnerability than CVE-2019-10991.

Severity ?

No CVSS data available.

CWE

Buffer Overflow

Assigner

icscert

References

URL

Tags

	https://www.us-cert.gov/ics/advisories/icsa-19-178-05	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	WebAccess	WebAccess/SCADA	Affected: Versions 8.3.5 and prior

Date Public ?

2019-06-27 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:15.634Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-590/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-591/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WebAccess/SCADA",
          "vendor": "WebAccess",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 8.3.5 and prior"
            }
          ]
        }
      ],
      "datePublic": "2019-06-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In WebAccess/SCADA Versions 8.3.5 and prior, multiple heap-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. Note: A different vulnerability than CVE-2019-10991."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Buffer Overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-02T16:06:07.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-590/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-591/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2019-10989",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WebAccess/SCADA",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Versions 8.3.5 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "WebAccess"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In WebAccess/SCADA Versions 8.3.5 and prior, multiple heap-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. Note: A different vulnerability than CVE-2019-10991."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-590/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-590/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-591/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-591/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2019-10989",
    "datePublished": "2019-06-28T20:31:48.000Z",
    "dateReserved": "2019-04-08T00:00:00.000Z",
    "dateUpdated": "2024-08-04T22:40:15.634Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-10991 (GCVE-0-2019-10991)

Vulnerability from cvelistv5 – Published: 2019-06-28 20:25 – Updated: 2024-08-04 22:40

Summary

In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution.

Severity ?

No CVSS data available.

CWE

Buffer Overflow

Assigner

icscert

References

URL

Tags

	https://www.us-cert.gov/ics/advisories/icsa-19-178-05	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	WebAccess	WebAccess/SCADA	Affected: Versions 8.3.5 and prior

Date Public ?

2019-06-27 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:15.589Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-592/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-620/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-588/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-586/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-594/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-589/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-619/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WebAccess/SCADA",
          "vendor": "WebAccess",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 8.3.5 and prior"
            }
          ]
        }
      ],
      "datePublic": "2019-06-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Buffer Overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-02T16:06:08.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-592/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-620/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-588/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-586/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-594/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-589/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-619/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2019-10991",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WebAccess/SCADA",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Versions 8.3.5 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "WebAccess"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-592/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-592/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-620/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-620/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-588/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-588/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-586/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-586/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-594/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-594/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-589/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-589/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-619/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-619/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2019-10991",
    "datePublished": "2019-06-28T20:25:56.000Z",
    "dateReserved": "2019-04-08T00:00:00.000Z",
    "dateUpdated": "2024-08-04T22:40:15.589Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-10985 (GCVE-0-2019-10985)

Vulnerability from cvelistv5 – Published: 2019-06-28 20:05 – Updated: 2024-08-04 22:40

Summary

In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator.

Severity ?

No CVSS data available.

CWE

Directory Traversal (Local File Inclusion)

Assigner

icscert

References

URL

Tags

	https://www.us-cert.gov/ics/advisories/icsa-19-178-05	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	WebAccess	WebAccess/SCADA	Affected: Versions 8.3.5 and prior

Date Public ?

2019-06-27 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:15.691Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-622/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WebAccess/SCADA",
          "vendor": "WebAccess",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 8.3.5 and prior"
            }
          ]
        }
      ],
      "datePublic": "2019-06-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Directory Traversal (Local File Inclusion)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-02T16:06:09.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-622/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2019-10985",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WebAccess/SCADA",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Versions 8.3.5 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "WebAccess"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Directory Traversal (Local File Inclusion)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-622/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-622/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2019-10985",
    "datePublished": "2019-06-28T20:05:33.000Z",
    "dateReserved": "2019-04-08T00:00:00.000Z",
    "dateUpdated": "2024-08-04T22:40:15.691Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-10993 (GCVE-0-2019-10993)

Vulnerability from nvd – Published: 2019-06-28 20:52 – Updated: 2024-08-04 22:40

Summary

In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulnerabilities may allow a remote attacker to execute arbitrary code.

Severity ?

No CVSS data available.

CWE

Other

Assigner

icscert

References

URL

Tags

	https://www.us-cert.gov/ics/advisories/icsa-19-178-05	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	WebAccess	WebAccess/SCADA	Affected: Versions 8.3.5 and prior

Date Public ?

2019-06-27 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:15.647Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-617/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-612/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-602/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-606/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-603/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-605/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-623/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-597/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-618/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-611/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-601/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-616/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-607/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-614/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-615/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-613/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-598/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WebAccess/SCADA",
          "vendor": "WebAccess",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 8.3.5 and prior"
            }
          ]
        }
      ],
      "datePublic": "2019-06-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulnerabilities may allow a remote attacker to execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Other",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-02T16:06:10.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-617/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-612/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-602/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-606/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-603/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-605/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-623/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-597/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-618/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-611/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-601/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-616/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-607/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-614/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-615/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-613/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-598/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2019-10993",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WebAccess/SCADA",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Versions 8.3.5 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "WebAccess"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulnerabilities may allow a remote attacker to execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-617/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-617/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-612/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-612/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-602/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-602/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-606/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-606/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-603/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-603/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-605/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-605/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-623/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-623/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-597/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-597/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-618/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-618/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-611/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-611/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-601/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-601/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-616/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-616/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-607/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-607/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-614/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-614/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-615/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-615/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-613/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-613/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-598/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-598/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2019-10993",
    "datePublished": "2019-06-28T20:52:48.000Z",
    "dateReserved": "2019-04-08T00:00:00.000Z",
    "dateUpdated": "2024-08-04T22:40:15.647Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-10987 (GCVE-0-2019-10987)

Vulnerability from nvd – Published: 2019-06-28 20:49 – Updated: 2024-08-04 22:40

Summary

In WebAccess/SCADA Versions 8.3.5 and prior, multiple out-of-bounds write vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution.

Severity ?

No CVSS data available.

CWE

Other

Assigner

icscert

References

URL

Tags

	https://www.us-cert.gov/ics/advisories/icsa-19-178-05	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	WebAccess	WebAccess/SCADA	Affected: Versions 8.3.5 and prior

Date Public ?

2019-06-27 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:15.688Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-584/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-587/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WebAccess/SCADA",
          "vendor": "WebAccess",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 8.3.5 and prior"
            }
          ]
        }
      ],
      "datePublic": "2019-06-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In WebAccess/SCADA Versions 8.3.5 and prior, multiple out-of-bounds write vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Other",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-02T16:06:08.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-584/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-587/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2019-10987",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WebAccess/SCADA",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Versions 8.3.5 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "WebAccess"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In WebAccess/SCADA Versions 8.3.5 and prior, multiple out-of-bounds write vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-584/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-584/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-587/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-587/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2019-10987",
    "datePublished": "2019-06-28T20:49:28.000Z",
    "dateReserved": "2019-04-08T00:00:00.000Z",
    "dateUpdated": "2024-08-04T22:40:15.688Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-10983 (GCVE-0-2019-10983)

Vulnerability from nvd – Published: 2019-06-28 20:38 – Updated: 2024-08-04 22:40

Summary

In WebAccess/SCADA Versions 8.3.5 and prior, an out-of-bounds read vulnerability is caused by a lack of proper validation of user-supplied data. Exploitation of this vulnerability may allow disclosure of information.

Severity ?

No CVSS data available.

CWE

Other

Assigner

icscert

References

URL

Tags

	https://www.us-cert.gov/ics/advisories/icsa-19-178-05	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	WebAccess	WebAccess/SCADA	Affected: Versions 8.3.5 and prior

Date Public ?

2019-06-27 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:15.527Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-621/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WebAccess/SCADA",
          "vendor": "WebAccess",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 8.3.5 and prior"
            }
          ]
        }
      ],
      "datePublic": "2019-06-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In WebAccess/SCADA Versions 8.3.5 and prior, an out-of-bounds read vulnerability is caused by a lack of proper validation of user-supplied data. Exploitation of this vulnerability may allow disclosure of information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Other",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-02T16:06:06.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-621/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2019-10983",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WebAccess/SCADA",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Versions 8.3.5 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "WebAccess"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In WebAccess/SCADA Versions 8.3.5 and prior, an out-of-bounds read vulnerability is caused by a lack of proper validation of user-supplied data. Exploitation of this vulnerability may allow disclosure of information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-621/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-621/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2019-10983",
    "datePublished": "2019-06-28T20:38:08.000Z",
    "dateReserved": "2019-04-08T00:00:00.000Z",
    "dateUpdated": "2024-08-04T22:40:15.527Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-10989 (GCVE-0-2019-10989)

Vulnerability from nvd – Published: 2019-06-28 20:31 – Updated: 2024-08-04 22:40

Summary

In WebAccess/SCADA Versions 8.3.5 and prior, multiple heap-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. Note: A different vulnerability than CVE-2019-10991.

Severity ?

No CVSS data available.

CWE

Buffer Overflow

Assigner

icscert

References

URL

Tags

	https://www.us-cert.gov/ics/advisories/icsa-19-178-05	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	WebAccess	WebAccess/SCADA	Affected: Versions 8.3.5 and prior

Date Public ?

2019-06-27 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:15.634Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-590/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-591/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WebAccess/SCADA",
          "vendor": "WebAccess",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 8.3.5 and prior"
            }
          ]
        }
      ],
      "datePublic": "2019-06-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In WebAccess/SCADA Versions 8.3.5 and prior, multiple heap-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. Note: A different vulnerability than CVE-2019-10991."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Buffer Overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-02T16:06:07.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-590/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-591/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2019-10989",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WebAccess/SCADA",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Versions 8.3.5 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "WebAccess"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In WebAccess/SCADA Versions 8.3.5 and prior, multiple heap-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. Note: A different vulnerability than CVE-2019-10991."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-590/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-590/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-591/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-591/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2019-10989",
    "datePublished": "2019-06-28T20:31:48.000Z",
    "dateReserved": "2019-04-08T00:00:00.000Z",
    "dateUpdated": "2024-08-04T22:40:15.634Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-10991 (GCVE-0-2019-10991)

Vulnerability from nvd – Published: 2019-06-28 20:25 – Updated: 2024-08-04 22:40

Summary

In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution.

Severity ?

No CVSS data available.

CWE

Buffer Overflow

Assigner

icscert

References

URL

Tags

	https://www.us-cert.gov/ics/advisories/icsa-19-178-05	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	WebAccess	WebAccess/SCADA	Affected: Versions 8.3.5 and prior

Date Public ?

2019-06-27 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:15.589Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-592/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-620/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-588/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-586/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-594/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-589/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-619/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WebAccess/SCADA",
          "vendor": "WebAccess",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 8.3.5 and prior"
            }
          ]
        }
      ],
      "datePublic": "2019-06-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Buffer Overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-02T16:06:08.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-592/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-620/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-588/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-586/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-594/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-589/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-619/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2019-10991",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WebAccess/SCADA",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Versions 8.3.5 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "WebAccess"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-592/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-592/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-620/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-620/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-588/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-588/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-586/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-586/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-594/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-594/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-589/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-589/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-619/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-619/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2019-10991",
    "datePublished": "2019-06-28T20:25:56.000Z",
    "dateReserved": "2019-04-08T00:00:00.000Z",
    "dateUpdated": "2024-08-04T22:40:15.589Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-10985 (GCVE-0-2019-10985)

Vulnerability from nvd – Published: 2019-06-28 20:05 – Updated: 2024-08-04 22:40

Summary

In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator.

Severity ?

No CVSS data available.

CWE

Directory Traversal (Local File Inclusion)

Assigner

icscert

References

URL

Tags

	https://www.us-cert.gov/ics/advisories/icsa-19-178-05	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	WebAccess	WebAccess/SCADA	Affected: Versions 8.3.5 and prior

Date Public ?

2019-06-27 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:15.691Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-622/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WebAccess/SCADA",
          "vendor": "WebAccess",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 8.3.5 and prior"
            }
          ]
        }
      ],
      "datePublic": "2019-06-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Directory Traversal (Local File Inclusion)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-02T16:06:09.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-622/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2019-10985",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WebAccess/SCADA",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Versions 8.3.5 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "WebAccess"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Directory Traversal (Local File Inclusion)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-05"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-622/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-622/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2019-10985",
    "datePublished": "2019-06-28T20:05:33.000Z",
    "dateReserved": "2019-04-08T00:00:00.000Z",
    "dateUpdated": "2024-08-04T22:40:15.691Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria ⓘ Use this form to refine search results. Full-text search supports keyword queries with ranking and filtering. You can combine vendor, product, and sources to narrow results. Enable “Apply ordering” to sort by date instead of relevance.

12 vulnerabilities found for WebAccess/SCADA by WebAccess

CVE-2019-10993 (GCVE-0-2019-10993)

CVE-2019-10987 (GCVE-0-2019-10987)

CVE-2019-10983 (GCVE-0-2019-10983)

CVE-2019-10989 (GCVE-0-2019-10989)

CVE-2019-10991 (GCVE-0-2019-10991)

CVE-2019-10985 (GCVE-0-2019-10985)

CVE-2019-10993 (GCVE-0-2019-10993)

CVE-2019-10987 (GCVE-0-2019-10987)

CVE-2019-10983 (GCVE-0-2019-10983)

CVE-2019-10989 (GCVE-0-2019-10989)

CVE-2019-10991 (GCVE-0-2019-10991)

CVE-2019-10985 (GCVE-0-2019-10985)

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.