In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator.
References
Link | Resource |
---|---|
https://www.us-cert.gov/ics/advisories/icsa-19-178-05 | Third Party Advisory US Government Resource |
https://www.zerodayinitiative.com/advisories/ZDI-19-622/ | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2019-06-28T20:05:33
Updated: 2019-07-02T16:06:09
Reserved: 2019-04-08T00:00:00
Link: CVE-2019-10985
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-06-28T21:15:11.117
Modified: 2023-03-02T16:00:33.853
Link: CVE-2019-10985
JSON object: View
Redhat Information
No data.
CWE