CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-2380

Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 36.5%

CVSS Severity

CVSS v2 Score 7.8

References

https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02
https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02

Products affected by CVE-2014-2380

Invensys » Wonderware Information Server » Version: 4.0

cpe:2.3:a:invensys:wonderware_information_server:4.0
Invensys » Wonderware Information Server » Version: 4.5

cpe:2.3:a:invensys:wonderware_information_server:4.5
Invensys » Wonderware Information Server » Version: 5.0

cpe:2.3:a:invensys:wonderware_information_server:5.0
Invensys » Wonderware Information Server » Version: 5.5

cpe:2.3:a:invensys:wonderware_information_server:5.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-2380

Products

Pricing

Contact Us