Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal does not restrict unspecified size and amount values, which allows remote attackers to execute arbitrary code or cause a denial of service (resource consumption) via unknown vectors.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C
Vendors Products
Invensys
  • Wonderware Information Server

Configuration 1 [-]

OR cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1sp1:*:*:*:*:*:*
cpe:2.3:a:invensys:wonderware_information_server:4.5:-:portal:*:*:*:*:*
cpe:2.3:a:invensys:wonderware_information_server:5.0:-:portal:*:*:*:*:*
References
Link Resource
http://ics-cert.us-cert.gov/advisories/ICSA-13-113-01 US Government Resource
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2022-10-03T16:15:05

Updated: 2022-10-03T16:15:05

Reserved: 2022-10-03T00:00:00

Link: CVE-2013-0685

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2013-05-09T12:31:18.970

Modified: 2013-05-09T12:31:18.970

Link: CVE-2013-0685

JSON object: View

cve-icon Redhat Information

No data.

CWE