VAR-201904-0506
Vulnerability from variot - Updated: 2023-12-18 12:43A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to accepting an arbitrary file into the function, and potential information disclosure or remote code execution. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version. Honeywell Experion PKS Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Honeywell EPKS is used in the automation and control of industrial and production processes and is a distributed control system solution, including a web-based SCADA system. The Honeywell Experion PKS presence file contains a vulnerability because it fails to adequately filter the input provided by the user. An attacker could exploit this vulnerability to obtain sensitive information or execute arbitrary script code in the context of a web server process. The following versions are affected: Honeywell Experion R40x versions prior to Experion PKS R400.6 Honeywell Experion R41x versions prior to Experion PKS R410.6 Honeywell Experion R43x versions prior to Experion PKS R430.2. An attacker could exploit the vulnerability via a file inclusion attack by submitting a crafted function to the affected software.
Honeywell has confirmed the vulnerability and released updated software
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201904-0506",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "experion process knowledge system",
"scope": "gte",
"trust": 1.0,
"vendor": "honeywell",
"version": "r400"
},
{
"model": "experion process knowledge system",
"scope": "gte",
"trust": 1.0,
"vendor": "honeywell",
"version": "r430"
},
{
"model": "experion process knowledge system",
"scope": "lt",
"trust": 1.0,
"vendor": "honeywell",
"version": "r400.6"
},
{
"model": "experion process knowledge system",
"scope": "lt",
"trust": 1.0,
"vendor": "honeywell",
"version": "r410.6"
},
{
"model": "experion process knowledge system",
"scope": "gte",
"trust": 1.0,
"vendor": "honeywell",
"version": "r410"
},
{
"model": "experion process knowledge system",
"scope": "lt",
"trust": 1.0,
"vendor": "honeywell",
"version": "r430.2"
},
{
"model": "experion process knowledge system",
"scope": "lt",
"trust": 0.8,
"vendor": "honeywell",
"version": "r43x"
},
{
"model": "experion process knowledge system",
"scope": "lt",
"trust": 0.8,
"vendor": "honeywell",
"version": "r41x"
},
{
"model": "experion process knowledge system",
"scope": "eq",
"trust": 0.8,
"vendor": "honeywell",
"version": "r430.2"
},
{
"model": "experion process knowledge system",
"scope": "eq",
"trust": 0.8,
"vendor": "honeywell",
"version": "r410.6"
},
{
"model": "experion process knowledge system",
"scope": "eq",
"trust": 0.8,
"vendor": "honeywell",
"version": "r400.6"
},
{
"model": "experion process knowledge system",
"scope": "lt",
"trust": 0.8,
"vendor": "honeywell",
"version": "r40x"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "experion process knowledge system",
"version": "*"
},
{
"model": "experion pks r40x",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r41x",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r43x",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "b3aa354c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09111"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008658"
},
{
"db": "NVD",
"id": "CVE-2014-9186"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:honeywell:experion_process_knowledge_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r400.6",
"versionStartIncluding": "r400",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:honeywell:experion_process_knowledge_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r410.6",
"versionStartIncluding": "r410",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:honeywell:experion_process_knowledge_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r430.2",
"versionStartIncluding": "r430",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9186"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kirill Nesterov,Alexander Tlyapov, Gleb Gritsai, Artem Chaykin and Ilya Karpov of the Positive Technologies Research Team and Security Lab",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-506"
}
],
"trust": 0.6
},
"cve": "CVE-2014-9186",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-9186",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2014-09111",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "b3aa354c-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2014-9186",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-9186",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2014-09111",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-506",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "b3aa354c-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2014-9186",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "b3aa354c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09111"
},
{
"db": "VULMON",
"id": "CVE-2014-9186"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008658"
},
{
"db": "NVD",
"id": "CVE-2014-9186"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-506"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to accepting an arbitrary file into the function, and potential information disclosure or remote code execution. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version. Honeywell Experion PKS Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Honeywell EPKS is used in the automation and control of industrial and production processes and is a distributed control system solution, including a web-based SCADA system. The Honeywell Experion PKS presence file contains a vulnerability because it fails to adequately filter the input provided by the user. An attacker could exploit this vulnerability to obtain sensitive information or execute arbitrary script code in the context of a web server process. \nThe following versions are affected:\nHoneywell Experion R40x versions prior to Experion PKS R400.6\nHoneywell Experion R41x versions prior to Experion PKS R410.6\nHoneywell Experion R43x versions prior to Experion PKS R430.2. An attacker could exploit the vulnerability via a file inclusion attack by submitting a crafted function to the affected software. \n\nHoneywell has confirmed the vulnerability and released updated software",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9186"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008658"
},
{
"db": "CNVD",
"id": "CNVD-2014-09111"
},
{
"db": "BID",
"id": "71753"
},
{
"db": "IVD",
"id": "b3aa354c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2014-9186"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-9186",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-14-352-01",
"trust": 2.5
},
{
"db": "BID",
"id": "71753",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2014-09111",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-506",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008658",
"trust": 0.8
},
{
"db": "IVD",
"id": "B3AA354C-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2014-9186",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "b3aa354c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09111"
},
{
"db": "VULMON",
"id": "CVE-2014-9186"
},
{
"db": "BID",
"id": "71753"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008658"
},
{
"db": "NVD",
"id": "CVE-2014-9186"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-506"
}
]
},
"id": "VAR-201904-0506",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "b3aa354c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09111"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "b3aa354c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09111"
}
]
},
"last_update_date": "2023-12-18T12:43:36.628000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Experion PKS",
"trust": 0.8,
"url": "https://www.honeywellprocess.com/en-us/explore/products/control-monitoring-and-safety-systems/integrated-control-and-safety-systems/experion-pks/pages/default.aspx"
},
{
"title": "Honeywell Experion PKS file contains patches for vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/53116"
},
{
"title": "Honeywell International Experion PKS Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=91622"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-09111"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008658"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-506"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-008658"
},
{
"db": "NVD",
"id": "CVE-2014-9186"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-352-01"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9186"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9186"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/71753"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=36833"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-09111"
},
{
"db": "VULMON",
"id": "CVE-2014-9186"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008658"
},
{
"db": "NVD",
"id": "CVE-2014-9186"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-506"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "b3aa354c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09111"
},
{
"db": "VULMON",
"id": "CVE-2014-9186"
},
{
"db": "BID",
"id": "71753"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008658"
},
{
"db": "NVD",
"id": "CVE-2014-9186"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-506"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-25T00:00:00",
"db": "IVD",
"id": "b3aa354c-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-12-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-09111"
},
{
"date": "2019-04-08T00:00:00",
"db": "VULMON",
"id": "CVE-2014-9186"
},
{
"date": "2014-12-19T00:00:00",
"db": "BID",
"id": "71753"
},
{
"date": "2019-05-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-008658"
},
{
"date": "2019-04-08T16:29:00.493000",
"db": "NVD",
"id": "CVE-2014-9186"
},
{
"date": "2014-12-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-506"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-09111"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2014-9186"
},
{
"date": "2014-12-19T00:00:00",
"db": "BID",
"id": "71753"
},
{
"date": "2019-05-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-008658"
},
{
"date": "2019-10-09T23:12:24.250000",
"db": "NVD",
"id": "CVE-2014-9186"
},
{
"date": "2019-04-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-506"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-506"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Honeywell Experion PKS File contains vulnerabilities",
"sources": [
{
"db": "IVD",
"id": "b3aa354c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09111"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation error",
"sources": [
{
"db": "IVD",
"id": "b3aa354c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "BID",
"id": "71753"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-506"
}
],
"trust": 1.1
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…