VAR-201804-1573
Vulnerability from variot - Updated: 2023-12-18 13:48A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event related action such as read and write, which may allow remote code execution. InduSoft Web Studio and InTouch Machine Edition 2017 Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric InduSoft Web Studio and InTouch Machine Edition are embedded HMI software packages from Schneider Electric, France. The product provides read, write tag and event monitoring for HMI clients. Multiple Schneider Electric Products are prone to a stack-based buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected device. Failed exploit attempts will likely cause a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-1573",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "web studio",
"scope": "lte",
"trust": 1.0,
"vendor": "indusoft",
"version": "8.1"
},
{
"model": "intouch machine edition 2017",
"scope": "lte",
"trust": 1.0,
"vendor": "industrial",
"version": "8.1"
},
{
"model": "intouch machine",
"scope": "lte",
"trust": 0.8,
"vendor": "schneider electric",
"version": "edition 2017 8.1"
},
{
"model": "wonderware indusoft web studio",
"scope": "lte",
"trust": 0.8,
"vendor": "schneider electric",
"version": "8.1"
},
{
"model": "electric indusoft web studio",
"scope": "lte",
"trust": 0.6,
"vendor": "schneider",
"version": "\u003c=8.1"
},
{
"model": "electric intouch machine edition",
"scope": "lte",
"trust": 0.6,
"vendor": "schneider",
"version": "\u003c=20178.1"
},
{
"model": "intouch machine edition 2017",
"scope": "eq",
"trust": 0.6,
"vendor": "industrial",
"version": "8.1"
},
{
"model": "intouch machine edition",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "20178.1"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "8.1"
},
{
"model": "indusoft web studio sp2 patch",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "8.01"
},
{
"model": "indusoft web studio sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "8.0"
},
{
"model": "indusoft web studio patch",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.55"
},
{
"model": "indusoft web studio sp patch",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.434"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.4"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.2"
},
{
"model": "intouch machine edition sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "20178.1"
},
{
"model": "indusoft web studio sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "8.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "web studio",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intouch machine edition 2017",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2ed3ca0-39ab-11e9-a805-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-08447"
},
{
"db": "BID",
"id": "103949"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004280"
},
{
"db": "NVD",
"id": "CVE-2018-8840"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-821"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:indusoft:web_studio:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:industrial-software:intouch_machine_edition_2017:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-8840"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tenable Research",
"sources": [
{
"db": "BID",
"id": "103949"
}
],
"trust": 0.3
},
"cve": "CVE-2018-8840",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-8840",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-08447",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "e2ed3ca0-39ab-11e9-a805-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-8840",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-8840",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-08447",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201804-821",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e2ed3ca0-39ab-11e9-a805-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2018-8840",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2ed3ca0-39ab-11e9-a805-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-08447"
},
{
"db": "VULMON",
"id": "CVE-2018-8840"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004280"
},
{
"db": "NVD",
"id": "CVE-2018-8840"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-821"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event related action such as read and write, which may allow remote code execution. InduSoft Web Studio and InTouch Machine Edition 2017 Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric InduSoft Web Studio and InTouch Machine Edition are embedded HMI software packages from Schneider Electric, France. The product provides read, write tag and event monitoring for HMI clients. Multiple Schneider Electric Products are prone to a stack-based buffer-overflow vulnerability. \nAttackers can exploit this issue to execute arbitrary code within the context of the affected device. Failed exploit attempts will likely cause a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-8840"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004280"
},
{
"db": "CNVD",
"id": "CNVD-2018-08447"
},
{
"db": "BID",
"id": "103949"
},
{
"db": "IVD",
"id": "e2ed3ca0-39ab-11e9-a805-000c29342cb1"
},
{
"db": "VULMON",
"id": "CVE-2018-8840"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-8840",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-18-107-01",
"trust": 3.4
},
{
"db": "BID",
"id": "103949",
"trust": 2.0
},
{
"db": "TENABLE",
"id": "TRA-2018-07",
"trust": 1.7
},
{
"db": "CNVD",
"id": "CNVD-2018-08447",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201804-821",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004280",
"trust": 0.8
},
{
"db": "IVD",
"id": "E2ED3CA0-39AB-11E9-A805-000C29342CB1",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2018-8840",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2ed3ca0-39ab-11e9-a805-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-08447"
},
{
"db": "VULMON",
"id": "CVE-2018-8840"
},
{
"db": "BID",
"id": "103949"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004280"
},
{
"db": "NVD",
"id": "CVE-2018-8840"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-821"
}
]
},
"id": "VAR-201804-1573",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2ed3ca0-39ab-11e9-a805-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-08447"
}
],
"trust": 1.53946735
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2ed3ca0-39ab-11e9-a805-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-08447"
}
]
},
"last_update_date": "2023-12-18T13:48:15.413000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Wonderware InduSoft Web Studio",
"trust": 0.8,
"url": "http://www.indusoft.com/marketing/article/artmid/684/articleid/667/introduction-to-wonderware-indusoft-web-studio"
},
{
"title": "Wonderware InTouch Machine Edition",
"trust": 0.8,
"url": "https://www.wonderware.com/hmi-scada/intouch-machine-edition/?utm_source=situation-awareness.com\u0026utm_medium=situation-awareness.com"
},
{
"title": "Patch for Schneider Electric InduSoft Web Studio and InTouch Machine Editiony Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/127447"
},
{
"title": "Schneider Electric InduSoft Web Studio and InTouch Machine Edition Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=80186"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/schneider-electric-patches-critical-rce-vulnerability/131610/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08447"
},
{
"db": "VULMON",
"id": "CVE-2018-8840"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004280"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-821"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004280"
},
{
"db": "NVD",
"id": "CVE-2018-8840"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-107-01"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/103949"
},
{
"trust": 1.7,
"url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000125/"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/research/tra-2018-07"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-8840"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-8840"
},
{
"trust": 0.3,
"url": "http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true"
},
{
"trust": 0.3,
"url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000125/%20"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/schneider-electric-patches-critical-rce-vulnerability/131610/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08447"
},
{
"db": "VULMON",
"id": "CVE-2018-8840"
},
{
"db": "BID",
"id": "103949"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004280"
},
{
"db": "NVD",
"id": "CVE-2018-8840"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-821"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2ed3ca0-39ab-11e9-a805-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-08447"
},
{
"db": "VULMON",
"id": "CVE-2018-8840"
},
{
"db": "BID",
"id": "103949"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004280"
},
{
"db": "NVD",
"id": "CVE-2018-8840"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-821"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-26T00:00:00",
"db": "IVD",
"id": "e2ed3ca0-39ab-11e9-a805-000c29342cb1"
},
{
"date": "2018-04-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08447"
},
{
"date": "2018-04-18T00:00:00",
"db": "VULMON",
"id": "CVE-2018-8840"
},
{
"date": "2018-04-17T00:00:00",
"db": "BID",
"id": "103949"
},
{
"date": "2018-06-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004280"
},
{
"date": "2018-04-18T20:29:00.920000",
"db": "NVD",
"id": "CVE-2018-8840"
},
{
"date": "2018-04-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-821"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08447"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2018-8840"
},
{
"date": "2018-04-17T00:00:00",
"db": "BID",
"id": "103949"
},
{
"date": "2018-06-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004280"
},
{
"date": "2019-10-09T23:42:55.707000",
"db": "NVD",
"id": "CVE-2018-8840"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-821"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-821"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "InduSoft Web Studio and InTouch Machine Edition 2017 Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004280"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "e2ed3ca0-39ab-11e9-a805-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-821"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…