Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC web server, which, when launched, will result in the browser redirecting to a remote file via a Java script loaded with the web page.
References
Link | Resource |
---|---|
https://ics-cert.us-cert.gov/advisories/ICSA-15-246-02 | US Government Resource Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2019-03-21T18:17:48
Updated: 2019-03-21T18:17:48
Reserved: 2015-08-17T00:00:00
Link: CVE-2015-6461
JSON object: View
NVD Information
Status : Modified
Published: 2019-03-21T19:29:00.267
Modified: 2024-04-10T12:28:45.957
Link: CVE-2015-6461
JSON object: View
Redhat Information
No data.