var-201407-0237
Vulnerability from variot
The BrowseFolder method in the bwocxrun ActiveX control in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists with the bwocxrun ActiveX control, which allows for navigation from the network to the local file system. When combined with system settings and other components included as part of the installation, this allows for the activation of ActiveX controls resident on the local file system (even if not installed) without user interaction. An attacker can use this to install vulnerable controls on the target system. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess is prone to a remote security weakness. This may aid in further attacks. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There is a security vulnerability in the 'BrowseFolder' method in the bwocxrun ActiveX control of Advantech WebAccess 7.1 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201407-0237",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess",
"scope": "eq",
"trust": 1.6,
"vendor": "advantech",
"version": "6.0"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 1.6,
"vendor": "advantech",
"version": "5.0"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 1.6,
"vendor": "advantech",
"version": "7.0"
},
{
"model": "webaccess",
"scope": "lt",
"trust": 1.4,
"vendor": "advantech",
"version": "7.2"
},
{
"model": "webaccess",
"scope": "eq",
"trust": 1.2,
"vendor": "advantech",
"version": "7.1"
},
{
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "7.1"
},
{
"model": "webaccess",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "advantech webaccess",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "advantech webaccess",
"version": "6.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "advantech webaccess",
"version": "7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "advantech webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7d7fc401-463f-11e9-82e2-000c29342cb1"
},
{
"db": "IVD",
"id": "e49f790a-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-245"
},
{
"db": "CNVD",
"id": "CNVD-2014-04532"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003491"
},
{
"db": "NVD",
"id": "CVE-2014-2368"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-480"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:advantech:advantech_webaccess:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:advantech:advantech_webaccess:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:advantech:advantech_webaccess:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:advantech:advantech_webaccess:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2368"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-245"
}
],
"trust": 0.7
},
"cve": "CVE-2014-2368",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-2368",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-2368",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-04532",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d7fc401-463f-11e9-82e2-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e49f790a-2351-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-70307",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-2368",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "ZDI",
"id": "CVE-2014-2368",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2014-04532",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201407-480",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d7fc401-463f-11e9-82e2-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e49f790a-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-70307",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7fc401-463f-11e9-82e2-000c29342cb1"
},
{
"db": "IVD",
"id": "e49f790a-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-245"
},
{
"db": "CNVD",
"id": "CNVD-2014-04532"
},
{
"db": "VULHUB",
"id": "VHN-70307"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003491"
},
{
"db": "NVD",
"id": "CVE-2014-2368"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-480"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The BrowseFolder method in the bwocxrun ActiveX control in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists with the bwocxrun ActiveX control, which allows for navigation from the network to the local file system. When combined with system settings and other components included as part of the installation, this allows for the activation of ActiveX controls resident on the local file system (even if not installed) without user interaction. An attacker can use this to install vulnerable controls on the target system. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess is prone to a remote security weakness. This may aid in further attacks. \nAdvantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There is a security vulnerability in the \u0027BrowseFolder\u0027 method in the bwocxrun ActiveX control of Advantech WebAccess 7.1 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2368"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003491"
},
{
"db": "ZDI",
"id": "ZDI-14-245"
},
{
"db": "CNVD",
"id": "CNVD-2014-04532"
},
{
"db": "BID",
"id": "68715"
},
{
"db": "IVD",
"id": "7d7fc401-463f-11e9-82e2-000c29342cb1"
},
{
"db": "IVD",
"id": "e49f790a-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-70307"
}
],
"trust": 3.51
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-2368",
"trust": 4.5
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-02",
"trust": 3.1
},
{
"db": "CNNVD",
"id": "CNNVD-201407-480",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2014-04532",
"trust": 1.0
},
{
"db": "BID",
"id": "68715",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003491",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2061",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-14-245",
"trust": 0.7
},
{
"db": "IVD",
"id": "7D7FC401-463F-11E9-82E2-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "E49F790A-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-70307",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d7fc401-463f-11e9-82e2-000c29342cb1"
},
{
"db": "IVD",
"id": "e49f790a-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-245"
},
{
"db": "CNVD",
"id": "CNVD-2014-04532"
},
{
"db": "VULHUB",
"id": "VHN-70307"
},
{
"db": "BID",
"id": "68715"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003491"
},
{
"db": "NVD",
"id": "CVE-2014-2368"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-480"
}
]
},
"id": "VAR-201407-0237",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7fc401-463f-11e9-82e2-000c29342cb1"
},
{
"db": "IVD",
"id": "e49f790a-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-04532"
},
{
"db": "VULHUB",
"id": "VHN-70307"
}
],
"trust": 1.5326718400000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d7fc401-463f-11e9-82e2-000c29342cb1"
},
{
"db": "IVD",
"id": "e49f790a-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-04532"
}
]
},
"last_update_date": "2023-12-18T13:14:46.647000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Downloads ::: WebAccess Software",
"trust": 0.8,
"url": "http://webaccess.advantech.com/downloads.php?item=software"
},
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://webaccess.advantech.com/"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-198-02"
},
{
"title": "Advantech WebAccess bwocxrun unsafe ActiveX control information disclosure vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/47825"
},
{
"title": "AdvantechWebAccessCHNNode_20140606_3.4.3",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=50905"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-245"
},
{
"db": "CNVD",
"id": "CNVD-2014-04532"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003491"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-480"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-70307"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003491"
},
{
"db": "NVD",
"id": "CVE-2014-2368"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.8,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-198-02"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2368"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2368"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-245"
},
{
"db": "CNVD",
"id": "CNVD-2014-04532"
},
{
"db": "VULHUB",
"id": "VHN-70307"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003491"
},
{
"db": "NVD",
"id": "CVE-2014-2368"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-480"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d7fc401-463f-11e9-82e2-000c29342cb1"
},
{
"db": "IVD",
"id": "e49f790a-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-245"
},
{
"db": "CNVD",
"id": "CNVD-2014-04532"
},
{
"db": "VULHUB",
"id": "VHN-70307"
},
{
"db": "BID",
"id": "68715"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003491"
},
{
"db": "NVD",
"id": "CVE-2014-2368"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-480"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-24T00:00:00",
"db": "IVD",
"id": "7d7fc401-463f-11e9-82e2-000c29342cb1"
},
{
"date": "2014-07-24T00:00:00",
"db": "IVD",
"id": "e49f790a-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-07-18T00:00:00",
"db": "ZDI",
"id": "ZDI-14-245"
},
{
"date": "2014-07-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-04532"
},
{
"date": "2014-07-19T00:00:00",
"db": "VULHUB",
"id": "VHN-70307"
},
{
"date": "2014-07-18T00:00:00",
"db": "BID",
"id": "68715"
},
{
"date": "2014-07-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003491"
},
{
"date": "2014-07-19T05:09:27.753000",
"db": "NVD",
"id": "CVE-2014-2368"
},
{
"date": "2014-07-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201407-480"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-18T00:00:00",
"db": "ZDI",
"id": "ZDI-14-245"
},
{
"date": "2014-07-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-04532"
},
{
"date": "2014-07-23T00:00:00",
"db": "VULHUB",
"id": "VHN-70307"
},
{
"date": "2014-07-22T00:07:00",
"db": "BID",
"id": "68715"
},
{
"date": "2014-07-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003491"
},
{
"date": "2014-07-23T18:48:01.977000",
"db": "NVD",
"id": "CVE-2014-2368"
},
{
"date": "2014-07-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201407-480"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201407-480"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Advantech WebAccess bwocxrun Unsafe ActiveX Control Information Disclosure Vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d7fc401-463f-11e9-82e2-000c29342cb1"
},
{
"db": "IVD",
"id": "e49f790a-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-04532"
}
],
"trust": 1.0
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201407-480"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.