VAR-201405-0459
Vulnerability from variot - Updated: 2023-12-18 12:30Ecava IntegraXor before 4.1.4393 allows remote attackers to read cleartext credentials for administrative accounts via SELECT statements that leverage the guest role. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Ecava IntegraXor. Authentication is not required to exploit this vulnerability.The specific flaw exists within the handling of the "guest" user. The issue lies in the ability the retrieve all project credentials. By abusing this flaw an attacker can disclose credentials and leverage this situation to achieve remote code execution. Ecava IntegraXor is a human interface product that uses HTML and SVG. Ecava IntegraXor has an unspecified error that allows an attacker to exploit a vulnerability to obtain sensitive account information. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Ecava IntegraXor is prone to an information-disclosure vulnerability. Versions prior to IntegraXor 4.1.4393 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0459",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "integraxor",
"scope": "eq",
"trust": 1.6,
"vendor": "ecava",
"version": "4.1.4360"
},
{
"model": "integraxor",
"scope": "eq",
"trust": 1.6,
"vendor": "ecava",
"version": "4.1"
},
{
"model": "integraxor",
"scope": "eq",
"trust": 1.6,
"vendor": "ecava",
"version": "4.1.4369"
},
{
"model": "integraxor",
"scope": "eq",
"trust": 1.6,
"vendor": "ecava",
"version": "4.1.4380"
},
{
"model": "integraxor",
"scope": "eq",
"trust": 1.6,
"vendor": "ecava",
"version": "4.1.4340"
},
{
"model": "integraxor",
"scope": null,
"trust": 1.4,
"vendor": "ecava",
"version": null
},
{
"model": "integraxor",
"scope": "lte",
"trust": 1.0,
"vendor": "ecava",
"version": "4.1.4390"
},
{
"model": "integraxor",
"scope": "lt",
"trust": 0.8,
"vendor": "ecava",
"version": "4.1.4393"
},
{
"model": "integraxor",
"scope": "eq",
"trust": 0.6,
"vendor": "ecava",
"version": "4.x"
},
{
"model": "integraxor",
"scope": "eq",
"trust": 0.6,
"vendor": "ecava",
"version": "4.1.4390"
},
{
"model": "integraxor scada server",
"scope": "eq",
"trust": 0.3,
"vendor": "ecava",
"version": "4.1.4392"
},
{
"model": "integraxor scada server",
"scope": "eq",
"trust": 0.3,
"vendor": "ecava",
"version": "4.1.4360"
},
{
"model": "integraxor",
"scope": "eq",
"trust": 0.3,
"vendor": "ecava",
"version": "3.71.4200"
},
{
"model": "integraxor",
"scope": "eq",
"trust": 0.3,
"vendor": "ecava",
"version": "3.60.4050"
},
{
"model": "integraxor",
"scope": "eq",
"trust": 0.3,
"vendor": "ecava",
"version": "3.60.4032"
},
{
"model": "integraxor",
"scope": "eq",
"trust": 0.3,
"vendor": "ecava",
"version": "3.60"
},
{
"model": "integraxor",
"scope": "eq",
"trust": 0.3,
"vendor": "ecava",
"version": "3.6.4000.5"
},
{
"model": "integraxor",
"scope": "eq",
"trust": 0.3,
"vendor": "ecava",
"version": "3.6.4000.0"
},
{
"model": "integraxor",
"scope": "eq",
"trust": 0.3,
"vendor": "ecava",
"version": "3.5.4000.5"
},
{
"model": "integraxor",
"scope": "eq",
"trust": 0.3,
"vendor": "ecava",
"version": "3.5.3900.5"
},
{
"model": "integraxor",
"scope": "eq",
"trust": 0.3,
"vendor": "ecava",
"version": "3.5.3900.10"
},
{
"model": "integraxor",
"scope": "eq",
"trust": 0.3,
"vendor": "ecava",
"version": "3.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "integraxor",
"version": "4.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "integraxor",
"version": "4.1.4340"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "integraxor",
"version": "4.1.4360"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "integraxor",
"version": "4.1.4369"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "integraxor",
"version": "4.1.4380"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "integraxor",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "06e54bac-2352-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-369"
},
{
"db": "ZDI",
"id": "ZDI-14-117"
},
{
"db": "CNVD",
"id": "CNVD-2014-02109"
},
{
"db": "BID",
"id": "69776"
},
{
"db": "BID",
"id": "66554"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002340"
},
{
"db": "NVD",
"id": "CVE-2014-0786"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-616"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ecava:integraxor:4.1.4380:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ecava:integraxor:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.1.4390",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ecava:integraxor:4.1.4360:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ecava:integraxor:4.1.4340:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ecava:integraxor:4.1.4369:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ecava:integraxor:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0786"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andrea Micalizzi (rgod)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-369"
}
],
"trust": 0.7
},
"cve": "CVE-2014-0786",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0786",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 1.4,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-0786",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-02109",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "06e54bac-2352-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-0786",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "ZDI",
"id": "CVE-2014-0786",
"trust": 1.4,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2014-02109",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201404-616",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "06e54bac-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "06e54bac-2352-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-369"
},
{
"db": "ZDI",
"id": "ZDI-14-117"
},
{
"db": "CNVD",
"id": "CNVD-2014-02109"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002340"
},
{
"db": "NVD",
"id": "CVE-2014-0786"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-616"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ecava IntegraXor before 4.1.4393 allows remote attackers to read cleartext credentials for administrative accounts via SELECT statements that leverage the guest role. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Ecava IntegraXor. Authentication is not required to exploit this vulnerability.The specific flaw exists within the handling of the \"guest\" user. The issue lies in the ability the retrieve all project credentials. By abusing this flaw an attacker can disclose credentials and leverage this situation to achieve remote code execution. Ecava IntegraXor is a human interface product that uses HTML and SVG. Ecava IntegraXor has an unspecified error that allows an attacker to exploit a vulnerability to obtain sensitive account information. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Ecava IntegraXor is prone to an information-disclosure vulnerability. \nVersions prior to IntegraXor 4.1.4393 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0786"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002340"
},
{
"db": "ZDI",
"id": "ZDI-14-369"
},
{
"db": "ZDI",
"id": "ZDI-14-117"
},
{
"db": "CNVD",
"id": "CNVD-2014-02109"
},
{
"db": "BID",
"id": "69776"
},
{
"db": "BID",
"id": "66554"
},
{
"db": "IVD",
"id": "06e54bac-2352-11e6-abef-000c29c66e3d"
}
],
"trust": 4.14
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0786",
"trust": 5.2
},
{
"db": "ICS CERT",
"id": "ICSA-14-091-01",
"trust": 2.4
},
{
"db": "BID",
"id": "66554",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2014-02109",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201404-616",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002340",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2310",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-14-369",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2041",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-14-117",
"trust": 0.7
},
{
"db": "ICS CERT",
"id": "ICSA-14-224-01",
"trust": 0.3
},
{
"db": "BID",
"id": "69776",
"trust": 0.3
},
{
"db": "IVD",
"id": "06E54BAC-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "06e54bac-2352-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-369"
},
{
"db": "ZDI",
"id": "ZDI-14-117"
},
{
"db": "CNVD",
"id": "CNVD-2014-02109"
},
{
"db": "BID",
"id": "69776"
},
{
"db": "BID",
"id": "66554"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002340"
},
{
"db": "NVD",
"id": "CVE-2014-0786"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-616"
}
]
},
"id": "VAR-201405-0459",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "06e54bac-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-02109"
}
],
"trust": 1.0713851600000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "06e54bac-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-02109"
}
]
},
"last_update_date": "2023-12-18T12:30:40.922000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Account Information Disclosure Vulnerability Note",
"trust": 0.8,
"url": "http://www.integraxor.com/blog/category/security/vulnerability-note/"
},
{
"title": "Ecava has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-224-01"
},
{
"title": "Ecava has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-091-01"
},
{
"title": "Ecava IntegraXor Account Information Disclosure Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/44617"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-369"
},
{
"db": "ZDI",
"id": "ZDI-14-117"
},
{
"db": "CNVD",
"id": "CNVD-2014-02109"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002340"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002340"
},
{
"db": "NVD",
"id": "CVE-2014-0786"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-091-01"
},
{
"trust": 1.6,
"url": "http://www.integraxor.com/blog/category/security/vulnerability-note/"
},
{
"trust": 1.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-224-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0786"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0786"
},
{
"trust": 0.6,
"url": "http://www.integraxor.com/blog/account-information-disclosure-vulnerability-note/"
},
{
"trust": 0.6,
"url": "http://www.integraxor.com/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-369"
},
{
"db": "ZDI",
"id": "ZDI-14-117"
},
{
"db": "CNVD",
"id": "CNVD-2014-02109"
},
{
"db": "BID",
"id": "69776"
},
{
"db": "BID",
"id": "66554"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002340"
},
{
"db": "NVD",
"id": "CVE-2014-0786"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-616"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "06e54bac-2352-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-369"
},
{
"db": "ZDI",
"id": "ZDI-14-117"
},
{
"db": "CNVD",
"id": "CNVD-2014-02109"
},
{
"db": "BID",
"id": "69776"
},
{
"db": "BID",
"id": "66554"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002340"
},
{
"db": "NVD",
"id": "CVE-2014-0786"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-616"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-03T00:00:00",
"db": "IVD",
"id": "06e54bac-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2014-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-14-369"
},
{
"date": "2014-05-02T00:00:00",
"db": "ZDI",
"id": "ZDI-14-117"
},
{
"date": "2014-04-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-02109"
},
{
"date": "2014-09-11T00:00:00",
"db": "BID",
"id": "69776"
},
{
"date": "2014-04-01T00:00:00",
"db": "BID",
"id": "66554"
},
{
"date": "2014-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002340"
},
{
"date": "2014-05-01T01:56:10.490000",
"db": "NVD",
"id": "CVE-2014-0786"
},
{
"date": "2014-04-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-616"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-24T00:00:00",
"db": "ZDI",
"id": "ZDI-14-369"
},
{
"date": "2014-05-02T00:00:00",
"db": "ZDI",
"id": "ZDI-14-117"
},
{
"date": "2014-05-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-02109"
},
{
"date": "2014-09-11T00:00:00",
"db": "BID",
"id": "69776"
},
{
"date": "2014-10-29T00:59:00",
"db": "BID",
"id": "66554"
},
{
"date": "2014-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002340"
},
{
"date": "2014-05-01T16:18:09.443000",
"db": "NVD",
"id": "CVE-2014-0786"
},
{
"date": "2014-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-616"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201404-616"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ecava IntegraXor Guest Acccount Information Disclosure Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-369"
},
{
"db": "ZDI",
"id": "ZDI-14-117"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201404-616"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…