Vulnerability-Lookup

CVE-2012-0228 (GCVE-0-2012-0228)

Vulnerability from cvelistv5 – Published: 2012-04-02 20:00 – Updated: 2024-08-06 18:16

Summary

Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors.

Severity

No CVSS data available.

CWE

Assigner

certcc

References

6 references

URL	Tags
http://www.securitytracker.com/id?1026886	vdb-entryx_refsource_SECTRACK
http://secunia.com/advisories/48603	third-party-advisoryx_refsource_SECUNIA
http://osvdb.org/80890	vdb-entryx_refsource_OSVDB
http://www.securityfocus.com/bid/52851	vdb-entryx_refsource_BID
http://www.us-cert.gov/control_systems/pdf/ICSA-1…	x_refsource_MISC
http://www.securitytracker.com/id?1026887	vdb-entryx_refsource_SECTRACK

Date Public

2012-04-02 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:16:19.903Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1026886",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1026886"
          },
          {
            "name": "48603",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48603"
          },
          {
            "name": "80890",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/80890"
          },
          {
            "name": "52851",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/52851"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf"
          },
          {
            "name": "1026887",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1026887"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-04-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-05T19:57:01.000Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "1026886",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1026886"
        },
        {
          "name": "48603",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48603"
        },
        {
          "name": "80890",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/80890"
        },
        {
          "name": "52851",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/52851"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf"
        },
        {
          "name": "1026887",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1026887"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2012-0228",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1026886",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1026886"
            },
            {
              "name": "48603",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48603"
            },
            {
              "name": "80890",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/80890"
            },
            {
              "name": "52851",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/52851"
            },
            {
              "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf",
              "refsource": "MISC",
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf"
            },
            {
              "name": "1026887",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1026887"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2012-0228",
    "datePublished": "2012-04-02T20:00:00.000Z",
    "dateReserved": "2011-12-21T00:00:00.000Z",
    "dateUpdated": "2024-08-06T18:16:19.903Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2012-0228",
      "date": "2026-05-29",
      "epss": "0.00234",
      "percentile": "0.46396"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"325DE4D6-7649-4566-BC6E-1F8DC16FF1A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:invensys:wonderware_information_server:4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7197915B-54BF-41DB-8304-B4CBF1751CE4\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors.\"}, {\"lang\": \"es\", \"value\": \"Invensys Wonderware Information Server v4.0 SP1 y v4.5 no implementan de forma adecuada los controles, lo que permite a atacantes remotos evitar las restricciones de acceso impuestas a trav\\u00e9s de vectores no determinados.\"}]",
      "id": "CVE-2012-0228",
      "lastModified": "2024-11-21T01:34:37.420",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2012-04-02T20:55:01.903",
      "references": "[{\"url\": \"http://osvdb.org/80890\", \"source\": \"cret@cert.org\"}, {\"url\": \"http://secunia.com/advisories/48603\", \"source\": \"cret@cert.org\"}, {\"url\": \"http://www.securityfocus.com/bid/52851\", \"source\": \"cret@cert.org\"}, {\"url\": \"http://www.securitytracker.com/id?1026886\", \"source\": \"cret@cert.org\"}, {\"url\": \"http://www.securitytracker.com/id?1026887\", \"source\": \"cret@cert.org\"}, {\"url\": \"http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf\", \"source\": \"cret@cert.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://osvdb.org/80890\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/48603\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/52851\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1026886\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1026887\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}]",
      "sourceIdentifier": "cret@cert.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-0228\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2012-04-02T20:55:01.903\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors.\"},{\"lang\":\"es\",\"value\":\"Invensys Wonderware Information Server v4.0 SP1 y v4.5 no implementan de forma adecuada los controles, lo que permite a atacantes remotos evitar las restricciones de acceso impuestas a trav\u00e9s de vectores no determinados.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"325DE4D6-7649-4566-BC6E-1F8DC16FF1A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invensys:wonderware_information_server:4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7197915B-54BF-41DB-8304-B4CBF1751CE4\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/80890\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/48603\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.securityfocus.com/bid/52851\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.securitytracker.com/id?1026886\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.securitytracker.com/id?1026887\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf\",\"source\":\"cret@cert.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://osvdb.org/80890\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/48603\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/52851\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1026886\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1026887\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]}]}}"
  }
}

FKIE_CVE-2012-0228

Vulnerability from fkie_nvd - Published: 2012-04-02 20:55 - Updated: 2026-04-29 01:13

Severity

Summary

Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors.

References

URL	Tags
cret@cert.org	http://osvdb.org/80890
cret@cert.org	http://secunia.com/advisories/48603
cret@cert.org	http://www.securityfocus.com/bid/52851
cret@cert.org	http://www.securitytracker.com/id?1026886
cret@cert.org	http://www.securitytracker.com/id?1026887
cret@cert.org	http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/80890
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48603
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/52851
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1026886
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1026887
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf	US Government Resource

Impacted products

	Vendor	Product	Version
	invensys	wonderware_information_server	4.0
	invensys	wonderware_information_server	4.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "325DE4D6-7649-4566-BC6E-1F8DC16FF1A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invensys:wonderware_information_server:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7197915B-54BF-41DB-8304-B4CBF1751CE4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Invensys Wonderware Information Server v4.0 SP1 y v4.5 no implementan de forma adecuada los controles, lo que permite a atacantes remotos evitar las restricciones de acceso impuestas a trav\u00e9s de vectores no determinados."
    }
  ],
  "id": "CVE-2012-0228",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-04-02T20:55:01.903",
  "references": [
    {
      "source": "cret@cert.org",
      "url": "http://osvdb.org/80890"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/48603"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securityfocus.com/bid/52851"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securitytracker.com/id?1026886"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securitytracker.com/id?1026887"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/80890"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/48603"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/52851"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1026886"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1026887"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-C456-VJHW-VJGW

Vulnerability from github – Published: 2022-05-04 00:28 – Updated: 2022-05-04 00:28

Details

Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-0228"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-04-02T20:55:00Z",
    "severity": "HIGH"
  },
  "details": "Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors.",
  "id": "GHSA-c456-vjhw-vjgw",
  "modified": "2022-05-04T00:28:52Z",
  "published": "2022-05-04T00:28:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0228"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80890"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/48603"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/52851"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1026886"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1026887"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2012-0228

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors.

Aliases

CVE-2012-0228

Aliases

CVE-2012-0228

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-0228",
    "description": "Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors.",
    "id": "GSD-2012-0228"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-0228"
      ],
      "details": "Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors.",
      "id": "GSD-2012-0228",
      "modified": "2023-12-13T01:20:13.850549Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cert@cert.org",
        "ID": "CVE-2012-0228",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1026886",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1026886"
          },
          {
            "name": "48603",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/48603"
          },
          {
            "name": "80890",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/80890"
          },
          {
            "name": "52851",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/52851"
          },
          {
            "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf",
            "refsource": "MISC",
            "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf"
          },
          {
            "name": "1026887",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1026887"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2012-0228"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf",
              "refsource": "MISC",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf"
            },
            {
              "name": "48603",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/48603"
            },
            {
              "name": "1026887",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1026887"
            },
            {
              "name": "1026886",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1026886"
            },
            {
              "name": "52851",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/52851"
            },
            {
              "name": "80890",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/80890"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-01-06T02:29Z",
      "publishedDate": "2012-04-02T20:55Z"
    }
  }
}

ICSA-12-062-01

Vulnerability from csaf_cisa - Published: 2012-12-04 07:00 - Updated: 2025-06-17 15:45

Summary

Wonderware Information Server Multiple Vulnerabilities

Notes

Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

CISA Disclaimer: This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Recommended Practices: CISA recommends users take defensive measures to minimize the risk of exploitation.

Recommended Practices: Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.

Recommended Practices: Locate control system networks and remote devices behind firewalls and isolating them from business networks.

Recommended Practices: When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.

Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.

Recommended Practices: Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

Recommended Practices: CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

CVE-2012-0226

7.5 ()


                        
                          AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
Invensys Wonderware Information Server Portal: 4.0_SP1\|4.5 Invensys / Wonderware Information Server Portal		4.0_SP1\|4.5	Mitigation fix Mitigation Mitigation
Invensys Wonderware Information Server Client: 4.0_SP1\|4.5 Invensys / Wonderware Information Server Client		4.0_SP1\|4.5	Mitigation fix Mitigation Mitigation

CVE-2012-0225

4.3 ()


                        
                          AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
Invensys Wonderware Information Server Portal: 4.0_SP1\|4.5 Invensys / Wonderware Information Server Portal		4.0_SP1\|4.5	Mitigation fix Mitigation Mitigation
Invensys Wonderware Information Server Client: 4.0_SP1\|4.5 Invensys / Wonderware Information Server Client		4.0_SP1\|4.5	Mitigation fix Mitigation Mitigation

CVE-2012-0228

7.5 ()


                        
                          AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-284 - Improper Access Control

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
Invensys Wonderware Information Server Portal: 4.0_SP1\|4.5 Invensys / Wonderware Information Server Portal		4.0_SP1\|4.5	Mitigation fix Mitigation Mitigation
Invensys Wonderware Information Server Client: 4.0_SP1\|4.5 Invensys / Wonderware Information Server Client		4.0_SP1\|4.5	Mitigation fix Mitigation Mitigation

References

10 references

URL	Category
https://raw.githubusercontent.com/cisagov/CSAF/de…	self
https://www.cisa.gov/news-events/ics-advisories/i…	self
https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-…	external
https://www.cisa.gov/resources-tools/resources/ic…	external
https://www.cisa.gov/topics/industrial-control-systems	external
https://us-cert.cisa.gov/sites/default/files/reco…	external
https://www.cisa.gov/sites/default/files/publicat…	external
https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B	external
https://www.cisa.gov/uscert/sites/default/files/p…	external
https://www.cisa.gov/uscert/ncas/tips/ST04-014	external

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-12-062-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2012/icsa-12-062-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-12-062-01 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-12-062-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
      }
    ],
    "title": "Wonderware Information Server Multiple Vulnerabilities",
    "tracking": {
      "current_release_date": "2025-06-17T15:45:28.468819Z",
      "generator": {
        "date": "2025-06-17T15:45:28.468330Z",
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-12-062-01",
      "initial_release_date": "2012-12-04T07:00:00.000000Z",
      "revision_history": [
        {
          "date": "2012-12-04T07:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "Initial Publication"
        },
        {
          "date": "2025-06-17T15:45:28.468819Z",
          "legacy_version": "CSAF Conversion",
          "number": "2",
          "summary": "Advisory converted into a CSAF"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "4.0_SP1|4.5",
                "product": {
                  "name": "Invensys Wonderware Information Server Portal: 4.0_SP1|4.5",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "Wonderware Information Server Portal"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "4.0_SP1|4.5",
                "product": {
                  "name": "Invensys Wonderware Information Server Client: 4.0_SP1|4.5",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "Wonderware Information Server Client"
          }
        ],
        "category": "vendor",
        "name": "Invensys"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2012-0226",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "SQL injection vulnerability in Invensys Wonderware Information Server 4.0 SP1 and 4.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Invensys has developed software updates to address the reported vulnerabilities. Customers of Invensys running vulnerable versions of Invensys Wonderware Information Server and Invensys Wonderware Historian Client can update their systems to the most recent software updates released by following the steps provided by Invensys. Invensys software updates can be downloaded from the Wonderware Development Network (\u201cSoftware Download\u201d area) and the Infusion Technical Support website: (https://wdn.wonderware.com/sites/WDN/Pages/Downloads/Software.aspx)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://wdn.wonderware.com/sites/WDN/Pages/Downloads/Software.aspx"
        },
        {
          "category": "mitigation",
          "details": "The following steps are provided by Invensys for update information. Install the Security Update using instructions provided in the ReadMe file for the product and component being installed. In general, the user should proceed as indicated below: Wonderware Information Server \u2013 Portal component: Run the \u201cHotfix Install Utility.\u201d Wonderware Information Server \u2013 Client component: Uninstall the client from Add/Remove Programs (ClientSetup.msi), clear the IE cache (see specific instructions in the Readme file provided with the Security Update) and access the Wonderware Information Server site. If Step 2 and Step 3 are on the same node, perform the functions in Step 2 and also run the \u201cHotfix Install Utility.\u201d",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "In addition to applying the software updates, Invensys has made additional recommendations to customers running vulnerable versions of the Invensys Wonderware Information Server and Invensys Wonderware Historian Client products. Customers using versions of the products prior to Invensys Wonderware Information Server 5.0 and Invensys Wonderware Historian Client 10 SP3 should apply the security update to all nodes where the Portal and Client components are installed. (All browser clients of the portal are affected and should be patched). Customers using the affected versions of Invensys Wonderware Information Server should set the security level settings in the Internet browser to \u201cMedium \u2013 High\u201d to minimize the risks presented by these vulnerabilities.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "baseScore": 7.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2012-0225",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Cross-site scripting (XSS) vulnerability in Invensys Wonderware Information Server 4.0 SP1 and 4.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Invensys has developed software updates to address the reported vulnerabilities. Customers of Invensys running vulnerable versions of Invensys Wonderware Information Server and Invensys Wonderware Historian Client can update their systems to the most recent software updates released by following the steps provided by Invensys. Invensys software updates can be downloaded from the Wonderware Development Network (\u201cSoftware Download\u201d area) and the Infusion Technical Support website: (https://wdn.wonderware.com/sites/WDN/Pages/Downloads/Software.aspx)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://wdn.wonderware.com/sites/WDN/Pages/Downloads/Software.aspx"
        },
        {
          "category": "mitigation",
          "details": "The following steps are provided by Invensys for update information. Install the Security Update using instructions provided in the ReadMe file for the product and component being installed. In general, the user should proceed as indicated below: Wonderware Information Server \u2013 Portal component: Run the \u201cHotfix Install Utility.\u201d Wonderware Information Server \u2013 Client component: Uninstall the client from Add/Remove Programs (ClientSetup.msi), clear the IE cache (see specific instructions in the Readme file provided with the Security Update) and access the Wonderware Information Server site. If Step 2 and Step 3 are on the same node, perform the functions in Step 2 and also run the \u201cHotfix Install Utility.\u201d",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "In addition to applying the software updates, Invensys has made additional recommendations to customers running vulnerable versions of the Invensys Wonderware Information Server and Invensys Wonderware Historian Client products. Customers using versions of the products prior to Invensys Wonderware Information Server 5.0 and Invensys Wonderware Historian Client 10 SP3 should apply the security update to all nodes where the Portal and Client components are installed. (All browser clients of the portal are affected and should be patched). Customers using the affected versions of Invensys Wonderware Information Server should set the security level settings in the Internet browser to \u201cMedium \u2013 High\u201d to minimize the risks presented by these vulnerabilities.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "baseScore": 4.3,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2012-0228",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Invensys has developed software updates to address the reported vulnerabilities. Customers of Invensys running vulnerable versions of Invensys Wonderware Information Server and Invensys Wonderware Historian Client can update their systems to the most recent software updates released by following the steps provided by Invensys. Invensys software updates can be downloaded from the Wonderware Development Network (\u201cSoftware Download\u201d area) and the Infusion Technical Support website: (https://wdn.wonderware.com/sites/WDN/Pages/Downloads/Software.aspx)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://wdn.wonderware.com/sites/WDN/Pages/Downloads/Software.aspx"
        },
        {
          "category": "mitigation",
          "details": "The following steps are provided by Invensys for update information. Install the Security Update using instructions provided in the ReadMe file for the product and component being installed. In general, the user should proceed as indicated below: Wonderware Information Server \u2013 Portal component: Run the \u201cHotfix Install Utility.\u201d Wonderware Information Server \u2013 Client component: Uninstall the client from Add/Remove Programs (ClientSetup.msi), clear the IE cache (see specific instructions in the Readme file provided with the Security Update) and access the Wonderware Information Server site. If Step 2 and Step 3 are on the same node, perform the functions in Step 2 and also run the \u201cHotfix Install Utility.\u201d",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "In addition to applying the software updates, Invensys has made additional recommendations to customers running vulnerable versions of the Invensys Wonderware Information Server and Invensys Wonderware Historian Client products. Customers using versions of the products prior to Invensys Wonderware Information Server 5.0 and Invensys Wonderware Historian Client 10 SP3 should apply the security update to all nodes where the Portal and Client components are installed. (All browser clients of the portal are affected and should be patched). Customers using the affected versions of Invensys Wonderware Information Server should set the security level settings in the Internet browser to \u201cMedium \u2013 High\u201d to minimize the risks presented by these vulnerabilities.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "baseScore": 7.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ]
    }
  ]
}

VAR-201204-0145

Vulnerability from variot - Updated: 2023-12-18 12:38

Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors. Invensys Wonderware Information Server is a graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. Invensys Wonderware Information Server is prone to multiple security vulnerabilities, including: 1. A cross-site scripting vulnerability 2. A SQL-injection vulnerability 3. A security-bypass vulnerability Attackers can leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of an affected site, steal cookie-based authentication credentials, perform unauthorized actions, obtain sensitive information, redirect a user to a potentially malicious site, cause a denial-of-service condition and compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Other attacks are also possible. ----------------------------------------------------------------------

Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch

TITLE: Invensys Wonderware Products Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA48603

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48603/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48603

RELEASE DATE: 2012-04-03

DISCUSS ADVISORY: http://secunia.com/advisories/48603/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/48603/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=48603

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Multiple vulnerabilities have been reported in Wonderware Information Server and Invensys Wonderware Historian Client, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, bypass certain security restrictions, and compromise a vulnerable system.

1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

2) Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Successful exploitation may allow execution of arbitrary code.

The vulnerabilities are reported in Wonderware Information Server versions 4.0 SP1 and 4.5 and Invensys Wonderware Historian Client versions prior to 10 SP3.

SOLUTION: Install patch. Please see original advisory for more information.

PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Terry McCorkle and Billy Rios.

ORIGINAL ADVISORY: http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201204-0145",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wonderware information server",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "invensys",
        "version": "4.5"
      },
      {
        "model": "wonderware information server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "invensys",
        "version": "4.0"
      },
      {
        "model": "wonderware information server sp1",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "invensys",
        "version": "4.0"
      },
      {
        "model": "wonderware information server client",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "invensys",
        "version": "4.5"
      },
      {
        "model": "wonderware information server portal",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "invensys",
        "version": "4.5"
      },
      {
        "model": "wonderware information server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "invensys",
        "version": "4.0 sp1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wonderware information server",
        "version": "4.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wonderware information server",
        "version": "4.5"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "f985e8c0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-1743"
      },
      {
        "db": "BID",
        "id": "52851"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001986"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-0228"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201204-007"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:invensys:wonderware_information_server:4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-0228"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Terry McCorkle and Billy Rios",
    "sources": [
      {
        "db": "BID",
        "id": "52851"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2012-0228",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 7.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2012-0228",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "f985e8c0-2353-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-53509",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2012-0228",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201204-007",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "f985e8c0-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-53509",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "f985e8c0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-53509"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001986"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-0228"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201204-007"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors. Invensys Wonderware Information Server is a graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. Invensys Wonderware Information Server is prone to multiple security vulnerabilities, including:\n1. A cross-site scripting vulnerability\n2. A SQL-injection vulnerability\n3. A security-bypass vulnerability\nAttackers can leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of an affected site, steal cookie-based authentication credentials, perform unauthorized actions, obtain sensitive information, redirect a user to a potentially malicious site, cause a denial-of-service condition and compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Other attacks are also possible. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nInvensys Wonderware Products Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA48603\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/48603/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48603\n\nRELEASE DATE:\n2012-04-03\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/48603/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/48603/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48603\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Wonderware Information\nServer and Invensys Wonderware Historian Client, which can be\nexploited by malicious people to conduct cross-site scripting\nattacks, conduct SQL injection attacks, bypass certain security\nrestrictions, and compromise a vulnerable system. \n\n1) Certain unspecified input is not properly sanitised before being\nreturned to the user. This can be exploited to execute arbitrary HTML\nand script code in a user\u0027s browser session in context of an affected\nsite. \n\n2) Certain unspecified input is not properly sanitised before being\nused in SQL queries. This can be exploited to manipulate SQL queries\nby injecting arbitrary SQL code. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nThe vulnerabilities are reported in Wonderware Information Server\nversions 4.0 SP1 and 4.5 and Invensys Wonderware Historian Client\nversions prior to 10 SP3. \n\nSOLUTION:\nInstall patch. Please see original advisory for more information. \n\nPROVIDED AND/OR DISCOVERED BY:\nICS-CERT credits Terry McCorkle and Billy Rios. \n\nORIGINAL ADVISORY:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-0228"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001986"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-1743"
      },
      {
        "db": "BID",
        "id": "52851"
      },
      {
        "db": "IVD",
        "id": "f985e8c0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-53509"
      },
      {
        "db": "PACKETSTORM",
        "id": "111526"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-0228",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-062-01",
        "trust": 3.5
      },
      {
        "db": "SECUNIA",
        "id": "48603",
        "trust": 1.9
      },
      {
        "db": "BID",
        "id": "52851",
        "trust": 1.4
      },
      {
        "db": "SECTRACK",
        "id": "1026887",
        "trust": 1.1
      },
      {
        "db": "SECTRACK",
        "id": "1026886",
        "trust": 1.1
      },
      {
        "db": "OSVDB",
        "id": "80890",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201204-007",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-1743",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001986",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "F985E8C0-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-53509",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "111526",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "f985e8c0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-1743"
      },
      {
        "db": "VULHUB",
        "id": "VHN-53509"
      },
      {
        "db": "BID",
        "id": "52851"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001986"
      },
      {
        "db": "PACKETSTORM",
        "id": "111526"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-0228"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201204-007"
      }
    ]
  },
  "id": "VAR-201204-0145",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "f985e8c0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-1743"
      },
      {
        "db": "VULHUB",
        "id": "VHN-53509"
      }
    ],
    "trust": 1.6099074
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "f985e8c0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-1743"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:38:50.561000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://global.wonderware.com/en/pages/default.aspx"
      },
      {
        "title": "\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://iom.invensys.com/jp/pages/iom_hardwarepartners.aspx"
      },
      {
        "title": "\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30fb\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://iom.invensys.com/jp/pages/iom_softwarepartners.aspx"
      },
      {
        "title": "Wonderware \u65e5\u672c\u306e\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://global.wonderware.com/jp/pages/jppartnerssi.aspx"
      },
      {
        "title": "Wonderware Top Page",
        "trust": 0.8,
        "url": "http://iom.invensys.com/jp/pages/home.aspx"
      },
      {
        "title": "Patch for Invensys Wonderware Information Server client Access Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/15254"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-1743"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001986"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-53509"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001986"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-0228"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.5,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-062-01.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/48603"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/52851"
      },
      {
        "trust": 1.1,
        "url": "http://osvdb.org/80890"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id?1026886"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id?1026887"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0228"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0228"
      },
      {
        "trust": 0.3,
        "url": "global.wonderware.com/en/pages/default.aspx"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/psi_30_beta_launch"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48603"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/48603/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/48603/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-1743"
      },
      {
        "db": "VULHUB",
        "id": "VHN-53509"
      },
      {
        "db": "BID",
        "id": "52851"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001986"
      },
      {
        "db": "PACKETSTORM",
        "id": "111526"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-0228"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201204-007"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "f985e8c0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-1743"
      },
      {
        "db": "VULHUB",
        "id": "VHN-53509"
      },
      {
        "db": "BID",
        "id": "52851"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001986"
      },
      {
        "db": "PACKETSTORM",
        "id": "111526"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-0228"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201204-007"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-04-06T00:00:00",
        "db": "IVD",
        "id": "f985e8c0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-04-06T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-1743"
      },
      {
        "date": "2012-04-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-53509"
      },
      {
        "date": "2012-04-02T00:00:00",
        "db": "BID",
        "id": "52851"
      },
      {
        "date": "2012-04-04T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001986"
      },
      {
        "date": "2012-04-03T05:45:09",
        "db": "PACKETSTORM",
        "id": "111526"
      },
      {
        "date": "2012-04-02T20:55:01.903000",
        "db": "NVD",
        "id": "CVE-2012-0228"
      },
      {
        "date": "2012-04-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201204-007"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-04-06T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-1743"
      },
      {
        "date": "2018-01-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-53509"
      },
      {
        "date": "2012-04-02T00:00:00",
        "db": "BID",
        "id": "52851"
      },
      {
        "date": "2012-04-04T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001986"
      },
      {
        "date": "2018-01-06T02:29:28.833000",
        "db": "NVD",
        "id": "CVE-2012-0228"
      },
      {
        "date": "2012-04-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201204-007"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201204-007"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Invensys Wonderware Information Server Vulnerable to access restrictions",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001986"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201204-007"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2012-0228 (GCVE-0-2012-0228)

FKIE_CVE-2012-0228

GHSA-C456-VJHW-VJGW

GSD-2012-0228

ICSA-12-062-01

VAR-201204-0145

Tags

Sightings

Nomenclature