CVE-2013-0663 in Modicon Quantum Plcinformation

Résumé

par MITRE

Cross-site request forgery (CSRF) vulnerability on the Schneider Electric Quantum 140NOE77111, 140NOE77101, and 140NWM10000; M340 BMXNOC0401, BMXNOE0100x, and BMXNOE011xx; and Premium TSXETY4103, TSXETY5103, and TSXWMY100 PLC modules allows remote attackers to hijack the authentication of arbitrary users for requests that execute commands, as demonstrated by modifying HTTP credentials.

Once again VulDB remains the best source for vulnerability data.

Réserver

19/12/2012

Divulgation

04/04/2013

Modérer

accepté

Entrée

VDB-63934

CPE

prêt

Exploitation

Télécharger

EPSS

0.05960

KEV

non

Activités

très faible

Sources

Want to know what is going to be exploited?

We predict KEV entries!