VAR-200801-0247
Vulnerability from variot - Updated: 2024-03-02 23:20GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the passwords and gain privileges. GE Fanuc Proficy Information Portal , the authentication information is sent in clear text. The attacker obtains authentication information by intercepting this communication, Portal may be invaded. GE Fanuc Proficy Information Portal is a web-based system status reporting system that connects production information systems and inter-company networks and handles data such as production information in an integrated manner online. this Proficy Information Portal Because the credentials are sent in clear text, it is possible for an attacker to intercept this communication and obtain the credentials.Credentials may be obtained by an attacker who can intercept communications. Information obtained may lead to further attacks. Background
GE-Fanuc's Proficy Information Portal 2.6 is a web based reporting application for the SCADA environment. As such it will usually be installed in a buffer zone between the SCADA and the corporate network, which makes it a very sensitive application as it can access both networks.
Description
The login process of Proficy involves sending the username in cleartext and the password in Base64 encoded format.
Workaround/Fix
The vendor issued a KB article on how to resolve this vulnerability at the GE-Fanuc website, yet the proposed solution was not verified by C4.
Additional Information
For additional information please contact us at info@c4-security.com. Note that we will respond only to verified utility personnel and governmental agencies. The CVE identifier assigned to this vulnerability by CERT is CVE-2008-0174
Credit
This vulnerability was discovered by Eyal Udassin of C4.
Regards,
Eyal Udassin - C4 (Formerly Swift Coders) 33 Jabotinsky St. The Twin Towers #1, Ramat Gan, Israel eyal.udassin@c4-security.com / www.c4-security.com http://www.c4-security.com/ +972-547-684989
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200801-0247",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "proficy real-time information portal",
"scope": "lte",
"trust": 1.0,
"vendor": "ge",
"version": "2.6"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ge fanuc",
"version": null
},
{
"model": "proficy real-time information portal",
"scope": "lte",
"trust": 0.8,
"vendor": "ge fanuc",
"version": "2.6 and earlier"
},
{
"model": "proficy real-time information portal",
"scope": "eq",
"trust": 0.8,
"vendor": "ge fanuc",
"version": null
},
{
"model": "proficy real-time information portal",
"scope": "eq",
"trust": 0.6,
"vendor": "ge fanuc",
"version": "2.6"
},
{
"model": "fanuc proficy real-time information portal",
"scope": "eq",
"trust": 0.3,
"vendor": "ge",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "proficy real time information portal",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "0642781e-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#180876"
},
{
"db": "BID",
"id": "30754"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001053"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-408"
},
{
"db": "NVD",
"id": "CVE-2008-0174"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ge_fanuc:proficy_real-time_information_portal:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.6",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-0174"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "C4",
"sources": [
{
"db": "BID",
"id": "30754"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-408"
}
],
"trust": 0.9
},
"cve": "CVE-2008-0174",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2008-0174",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "0642781e-2352-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2008-0174",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-0174",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#180876",
"trust": 0.8,
"value": "0.17"
},
{
"author": "CNNVD",
"id": "CNNVD-200801-408",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "0642781e-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "0642781e-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#180876"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001053"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-408"
},
{
"db": "NVD",
"id": "CVE-2008-0174"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the passwords and gain privileges. GE Fanuc Proficy Information Portal , the authentication information is sent in clear text. The attacker obtains authentication information by intercepting this communication, Portal may be invaded. GE Fanuc Proficy Information Portal is a web-based system status reporting system that connects production information systems and inter-company networks and handles data such as production information in an integrated manner online. this Proficy Information Portal Because the credentials are sent in clear text, it is possible for an attacker to intercept this communication and obtain the credentials.Credentials may be obtained by an attacker who can intercept communications. Information obtained may lead to further attacks. Background\n-----------------\nGE-Fanuc\u0027s Proficy Information Portal 2.6 is a web based reporting\napplication for the SCADA environment. As such it will usually be installed\nin a buffer zone between the SCADA and the corporate network, which makes it\na very sensitive application as it can access both networks. \n \nDescription\n----------------\nThe login process of Proficy involves sending the username in cleartext and\nthe password in Base64 encoded format. \n \nWorkaround/Fix\n-----------------------\nThe vendor issued a KB article on how to resolve this vulnerability at the\nGE-Fanuc website, yet the proposed solution was not verified by C4. \n \nAdditional Information\n-------------------------------\nFor additional information please contact us at info@c4-security.com. Note\nthat we will respond only to verified utility personnel and governmental\nagencies. \nThe CVE identifier assigned to this vulnerability by CERT is CVE-2008-0174\n \nCredit\n---------\nThis vulnerability was discovered by Eyal Udassin of C4. \n \nRegards,\n \nEyal Udassin - C4 (Formerly Swift Coders)\n33 Jabotinsky St. The Twin Towers #1, Ramat Gan, Israel\neyal.udassin@c4-security.com / www.c4-security.com\n\u003chttp://www.c4-security.com/\u003e \n+972-547-684989\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-0174"
},
{
"db": "CERT/CC",
"id": "VU#180876"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001053"
},
{
"db": "BID",
"id": "30754"
},
{
"db": "IVD",
"id": "0642781e-2352-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "63006"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-0174",
"trust": 3.8
},
{
"db": "CERT/CC",
"id": "VU#180876",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1019273",
"trust": 2.4
},
{
"db": "BID",
"id": "30754",
"trust": 1.9
},
{
"db": "SREASON",
"id": "3590",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-200801-408",
"trust": 0.8
},
{
"db": "EXPLOIT-DB",
"id": "6921",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001053",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20080129 RE: C4 SECURITY ADVISORY - GE FANUC PROFICY INFORMATION PORTAL 2.6 AUTHENTICATION VULNERABILITY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20080125 C4 SECURITY ADVISORY - GE FANUC PROFICY INFORMATION PORTAL 2.6 AUTHENTICATION VULNERABILITY",
"trust": 0.6
},
{
"db": "IVD",
"id": "0642781E-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "63006",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "0642781e-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#180876"
},
{
"db": "BID",
"id": "30754"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001053"
},
{
"db": "PACKETSTORM",
"id": "63006"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-408"
},
{
"db": "NVD",
"id": "CVE-2008-0174"
}
]
},
"id": "VAR-200801-0247",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "0642781e-2352-11e6-abef-000c29c66e3d"
}
],
"trust": 0.5820513
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "0642781e-2352-11e6-abef-000c29c66e3d"
}
]
},
"last_update_date": "2024-03-02T23:20:39.974000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "KB12459 GE\u00a0Fanuc",
"trust": 0.8,
"url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=kb12459"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001053"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-312",
"trust": 1.0
},
{
"problemtype": "Plaintext storage of important information (CWE-312) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001053"
},
{
"db": "NVD",
"id": "CVE-2008-0174"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=kb12459"
},
{
"trust": 2.4,
"url": "http://securitytracker.com/id?1019273"
},
{
"trust": 1.8,
"url": "http://www.kb.cert.org/vuls/id/180876"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/30754"
},
{
"trust": 1.6,
"url": "http://securityreason.com/securityalert/3590"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/487075/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/487244/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/archive/1/487075/30/0/threaded"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/kb/324274"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/iis/36ea667e-c578-43b5-87fa-a2f174efb27a.mspx"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/iis/523ae943-5e6a-4200-9103-9808baa00157.mspx"
},
{
"trust": 0.8,
"url": "http://www.gefanuc.com/as_en/gefanuc/resource_center/hmi_scada/hmiscada_security.html"
},
{
"trust": 0.8,
"url": "http://java.sun.com/j2se/1.5.0/docs/guide/rmi/socketfactory/sslinfo.html"
},
{
"trust": 0.8,
"url": "http://java.sun.com/j2se/1.5.0/docs/guide/rmi/socketfactory/index.html"
},
{
"trust": 0.8,
"url": "http://www.digitalmunition.com/hooked_on_fanucs.rb"
},
{
"trust": 0.8,
"url": "http://www.digitalmunition.com/rtipsniff.rb"
},
{
"trust": 0.8,
"url": "http://www.milw0rm.com/exploits/6921"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23180876/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0174"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/487075/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/487244/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://www.gefanuc.com/as_en/products_solutions/production_management/products/proficy_portal.html"
},
{
"trust": 0.3,
"url": "/archive/1/487075"
},
{
"trust": 0.1,
"url": "http://www.c4-security.com/\u003e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0174"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#180876"
},
{
"db": "BID",
"id": "30754"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001053"
},
{
"db": "PACKETSTORM",
"id": "63006"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-408"
},
{
"db": "NVD",
"id": "CVE-2008-0174"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "0642781e-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#180876"
},
{
"db": "BID",
"id": "30754"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001053"
},
{
"db": "PACKETSTORM",
"id": "63006"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-408"
},
{
"db": "NVD",
"id": "CVE-2008-0174"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-01-28T00:00:00",
"db": "IVD",
"id": "0642781e-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2008-01-25T00:00:00",
"db": "CERT/CC",
"id": "VU#180876"
},
{
"date": "2008-01-25T00:00:00",
"db": "BID",
"id": "30754"
},
{
"date": "2008-02-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001053"
},
{
"date": "2008-01-26T00:14:33",
"db": "PACKETSTORM",
"id": "63006"
},
{
"date": "2008-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200801-408"
},
{
"date": "2008-01-29T02:00:00",
"db": "NVD",
"id": "CVE-2008-0174"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-11-13T00:00:00",
"db": "CERT/CC",
"id": "VU#180876"
},
{
"date": "2008-11-10T16:45:00",
"db": "BID",
"id": "30754"
},
{
"date": "2024-03-01T04:50:00",
"db": "JVNDB",
"id": "JVNDB-2008-001053"
},
{
"date": "2008-09-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200801-408"
},
{
"date": "2024-02-14T15:31:48.540000",
"db": "NVD",
"id": "CVE-2008-0174"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200801-408"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GE Fanuc Proficy Real-Time Information Portal Sensitive Information Disclosure Vulnerability",
"sources": [
{
"db": "IVD",
"id": "0642781e-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-408"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200801-408"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…