CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-9197

The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde.jar under the web root with insufficient access control, which allows remote attackers to obtain sensitive setup and configuration information via a direct request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.1%

CVSS Severity

CVSS v2 Score 7.8

References

Products affected by CVE-2014-9197

Schneider-Electric » Tsxetg3000 » Version: N/A

cpe:2.3:h:schneider-electric:tsxetg3000:-
Schneider-Electric » Tsxetg3010 » Version: N/A

cpe:2.3:h:schneider-electric:tsxetg3010:-
Schneider-Electric » Tsxetg3021 » Version: N/A

cpe:2.3:h:schneider-electric:tsxetg3021:-
Schneider-Electric » Tsxetg3022 » Version: N/A

cpe:2.3:h:schneider-electric:tsxetg3022:-
Schneider-Electric » Etg3000 Factorycast Hmi Gateway Firmware » Version: 1.60.2

cpe:2.3:o:schneider-electric:etg3000_factorycast_hmi_gateway_firmware:1.60.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-9197

Products

Pricing

Contact Us