CVE-2014-2380 (GCVE-0-2014-2380)
Vulnerability from cvelistv5 – Published: 2014-08-28 01:00 – Updated: 2025-10-31 23:11
Summary
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file.
Severity
No CVSS data available.
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Schneider Electric | Wonderware Information Server Portal | Affected: 4.0 SP1; Affected: 4.5; Affected: 5.0; Affected: 5.5 |
Credits
Timur Yunusov, Ilya Karpov, Sergey Gordeychik, Alexey Osipov, and Dmitry Serebryannikov of the Positive Technologies Research Team
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:25.364Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Wonderware Information Server Portal",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "4.0 SP1"
},
{
"status": "affected",
"version": "4.5"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.5"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider_electric:wonderware_information_server_portal:4.0_sp1:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:schneider_electric:wonderware_information_server_portal:4.5:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:schneider_electric:wonderware_information_server_portal:5.0:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:schneider_electric:wonderware_information_server_portal:5.5:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Timur Yunusov, Ilya Karpov, Sergey Gordeychik, Alexey Osipov, and Dmitry Serebryannikov of the Positive Technologies Research Team"
}
],
"datePublic": "2014-08-26T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file."
}
],
"value": "Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file."
}
],
"metrics": [
{
"cvssV2_0": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-326",
"description": "CWE-326",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T23:11:04.615Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-238-02"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2014/icsa-14-238-02.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSchneider Electric has created an update for WIS web pages and \ncomponents to address the vulnerabilities listed in this advisory. \nCustomers using all versions of WIS are affected and should upgrade to \nWIS Version 5.5 and then apply the security update.\u003c/p\u003e\n\u003cp\u003eCustomers using the affected versions of WIS should set the security \nlevel settings in the Internet browser to \u201cMedium \u2013 High\u201d to minimize \nthe risks presented by these vulnerabilities. In addition, the \nWonderware Information Server Portal can be configured to use HTTPS that\n will require additional steps as documented in the products user \ndocumentation.\u003c/p\u003e\n\u003cp\u003eSchneider Electric has released a security bulletin titled \u201cMultiple \nVulnerabilities in Wonderware Information Server LFSEC00000102\u201d to \nannounce the security update, which is available at the following \nlocation:\u003c/p\u003e\n\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://gcsresource.invensys.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000102.pdf\"\u003ehttps://gcsresource.invensys.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000102.pdf\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Schneider Electric has created an update for WIS web pages and \ncomponents to address the vulnerabilities listed in this advisory. \nCustomers using all versions of WIS are affected and should upgrade to \nWIS Version 5.5 and then apply the security update.\n\n\nCustomers using the affected versions of WIS should set the security \nlevel settings in the Internet browser to \u201cMedium \u2013 High\u201d to minimize \nthe risks presented by these vulnerabilities. In addition, the \nWonderware Information Server Portal can be configured to use HTTPS that\n will require additional steps as documented in the products user \ndocumentation.\n\n\nSchneider Electric has released a security bulletin titled \u201cMultiple \nVulnerabilities in Wonderware Information Server LFSEC00000102\u201d to \nannounce the security update, which is available at the following \nlocation:\n\n\n https://gcsresource.invensys.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000102.pdf"
}
],
"source": {
"advisory": "ICSA-14-238-02",
"discovery": "EXTERNAL"
},
"title": "Schneider Electric Wonderware Inadequate Encryption Strength",
"x_generator": {
"engine": "Vulnogram 0.4.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-2380",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2014-2380",
"datePublished": "2014-08-28T01:00:00",
"dateReserved": "2014-03-13T00:00:00",
"dateUpdated": "2025-10-31T23:11:04.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"325DE4D6-7649-4566-BC6E-1F8DC16FF1A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:portal:*:*:*\", \"matchCriteriaId\": \"C8A82967-0AEC-4C46-91D0-92CA332C9C86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:invensys:wonderware_information_server:4.5:-:portal:*:*:*:*:*\", \"matchCriteriaId\": \"D7292C59-D289-4874-8385-B1B2C246F935\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:invensys:wonderware_information_server:5.0:-:portal:*:*:*:*:*\", \"matchCriteriaId\": \"8EA37129-F327-4EE6-B1FB-BFB0C3C68856\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:invensys:wonderware_information_server:5.5:*:*:*:portal:*:*:*\", \"matchCriteriaId\": \"FFBE9EBE-6678-4AFC-9052-8EC6B319EB7B\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file.\"}, {\"lang\": \"es\", \"value\": \"Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 hasta 5.5 utiliza codificaciones d\\u00e9biles, lo que permite a atacantes remotos obtener informaci\\u00f3n sensible mediante la lectura de un fichero de credenciales.\"}]",
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/326.html\" target=\"_blank\"\u003eCWE-326: Inadequate Encryption Strength\u003c/a\u003e",
"id": "CVE-2014-2380",
"lastModified": "2024-11-21T02:06:10.820",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:N/A:N\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2014-08-28T01:55:03.123",
"references": "[{\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}]",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
}
}
}