CVE-2014-0786

EUVD-2014-0817
Ecava IntegraXor before 4.1.4393 allows remote attackers to read cleartext credentials for administrative accounts via SELECT statements that leverage the guest role.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
Affected Products (NVD)
VendorProductVersion
ecavaintegraxor
𝑥
≤ 4.1.4390
ecavaintegraxor
4.1
ecavaintegraxor
4.1.4340
ecavaintegraxor
4.1.4360
ecavaintegraxor
4.1.4369
ecavaintegraxor
4.1.4380
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.integraxor.com/blog/category/security/vulnerability-note/
http://www.integraxor.com/blog/category/security/vulnerability-note/
https://www.cisa.gov/news-events/ics-advisories/icsa-14-091-01
https://www.cisa.gov/news-events/ics-advisories/icsa-14-224-01
http://ics-cert.us-cert.gov/advisories/ICSA-14-091-01
http://www.integraxor.com/blog/category/security/vulnerability-note/