CVE-2014-5411
3.5
Vector
AV:N/AC:M/Au:S/C:N/I:P/A:N
Exploitability: 6.8 / Impact: 2.9
Source: NVD
Description
Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Affected (9)
Products: Aveva: Clearscada · Schneider Electric: Scada Expert Clearscada
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2010 r3.1 | |
| Version 2013 r2.1 |
References (3)
Source: ics-cert@hq.dhs.gov
Source: ics-cert@hq.dhs.gov
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Timeline
No history available yet.