CVE-2014-0786

Ecava IntegraXor before 4.1.4393 allows remote attackers to read cleartext credentials for administrative accounts via SELECT statements that leverage the guest role.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
icscertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
VendorProductVersion
ecavaintegraxor
𝑥
≤ 4.1.4390
ecavaintegraxor
4.1
ecavaintegraxor
4.1.4340
ecavaintegraxor
4.1.4360
ecavaintegraxor
4.1.4369
ecavaintegraxor
4.1.4380
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.integraxor.com/blog/category/security/vulnerability-note/
http://www.integraxor.com/blog/category/security/vulnerability-note/
http://www.integraxor.com/blog/category/security/vulnerability-note/
http://www.integraxor.com/blog/category/security/vulnerability-note/
https://www.cisa.gov/news-events/ics-advisories/icsa-14-091-01
https://www.cisa.gov/news-events/ics-advisories/icsa-14-224-01
http://ics-cert.us-cert.gov/advisories/ICSA-14-091-01
http://www.integraxor.com/blog/category/security/vulnerability-note/