CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-0684

SQL injection vulnerability in Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.9%

CVSS Severity

CVSS v2 Score 7.5

References

http://ics-cert.us-cert.gov/advisories/ICSA-13-113-01
http://ics-cert.us-cert.gov/advisories/ICSA-13-113-01

Products affected by CVE-2013-0684

Invensys » Wonderware Information Server » Version: 4.0

cpe:2.3:a:invensys:wonderware_information_server:4.0
Invensys » Wonderware Information Server » Version: 4.5

cpe:2.3:a:invensys:wonderware_information_server:4.5
Invensys » Wonderware Information Server » Version: 5.0

cpe:2.3:a:invensys:wonderware_information_server:5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-0684

Products

Pricing

Contact Us