A Header Injection issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. An "improper neutralization of HTTP headers for scripting syntax" issue has been identified, which may allow remote code execution.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/97479 | Third Party Advisory VDB Entry |
https://ics-cert.us-cert.gov/advisories/ICSA-17-096-01A | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2017-05-06T00:00:00
Updated: 2017-05-08T09:57:01
Reserved: 2017-02-16T00:00:00
Link: CVE-2017-6031
JSON object: View
NVD Information
Status : Modified
Published: 2017-05-06T00:29:00.240
Modified: 2019-10-09T23:28:35.747
Link: CVE-2017-6031
JSON object: View
Redhat Information
No data.