CVE-2016-4510

The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to bypass authentication and read arbitrary files via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
icscertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
VendorProductVersion
trihedralvtscada
10.1.05
trihedralvtscada
10.1.06
trihedralvtscada
10.1.07
trihedralvtscada
10.1.12
trihedralvtscada
10.0.11
trihedralvtscada
10.0.13
trihedralvtscada
10.0.14
trihedralvtscada
10.0.16
trihedralvtscada
10.0.17
trihedralvtscada
11.1.05
trihedralvtscada
11.1.06
trihedralvtscada
11.1.09
trihedralvtscada
11.1.10
trihedralvtscada
11.1.13
trihedralvtscada
11.1.14
trihedralvtscada
11.1.15
trihedralvtscada
11.1.16
trihedralvtscada
11.1.17
trihedralvtscada
11.1.18
trihedralvtscada
11.1.19
trihedralvtscada
11.1.20
trihedralvtscada
11.1.21
trihedralvtscada
11.1.22
trihedralvtscada
11.1.24
trihedralvtscada
8.0.05
trihedralvtscada
8.0.12
trihedralvtscada
8.0.16
trihedralvtscada
8.0.18
trihedralvtscada
8.1.05
trihedralvtscada
8.1.06
trihedralvtscada
10.2.05
trihedralvtscada
10.2.07
trihedralvtscada
10.2.08
trihedralvtscada
10.2.11
trihedralvtscada
10.2.13
trihedralvtscada
10.2.14
trihedralvtscada
10.2.15
trihedralvtscada
10.2.17
trihedralvtscada
10.2.19
trihedralvtscada
10.2.20
trihedralvtscada
10.2.21
trihedralvtscada
10.2.22
trihedralvtscada
9.0.02
trihedralvtscada
9.0.03
trihedralvtscada
9.0.08
trihedralvtscada
9.1.02
trihedralvtscada
9.1.03
trihedralvtscada
9.1.05
trihedralvtscada
9.1.09
trihedralvtscada
9.1.11
trihedralvtscada
9.1.14
trihedralvtscada
9.1.20
trihedralvtscada
11.0.05
trihedralvtscada
11.0.07
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/91077
http://www.zerodayinitiative.com/advisories/ZDI-16-404
https://ics-cert.us-cert.gov/advisories/ICSA-16-159-01
http://www.securityfocus.com/bid/91077
http://www.zerodayinitiative.com/advisories/ZDI-16-404
https://ics-cert.us-cert.gov/advisories/ICSA-16-159-01