{"containers": {"cna": {"affected": [{"product": "FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.)", "vendor": "Schneider Electric SE", "versions": [{"status": "affected", "version": "FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.)"}]}], "datePublic": "2018-12-24T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "A Credential Management vulnerability exists in FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.) which could cause unauthorized disclosure, modification, or disruption in service when the password is modified without permission."}], "problemTypes": [{"descriptions": [{"description": "Credential Management", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-12-24T15:57:01.000Z", "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-353-03/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cybersecurity@schneider-electric.com", "ID": "CVE-2018-7793", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.)", "version": {"version_data": [{"version_value": "FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.)"}]}}]}, "vendor_name": "Schneider Electric SE"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A Credential Management vulnerability exists in FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.) which could cause unauthorized disclosure, modification, or disruption in service when the password is modified without permission."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Credential Management"}]}]}, "references": {"reference_data": [{"name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-353-03/", "refsource": "CONFIRM", "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-353-03/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T06:37:59.019Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-353-03/"}]}]}, "cveMetadata": {"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "cveId": "CVE-2018-7793", "datePublished": "2018-12-24T16:00:00.000Z", "dateReserved": "2018-03-08T00:00:00.000Z", "dateUpdated": "2024-08-05T06:37:59.019Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:schneider-electric:foxboro_dcs:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBD743B7-7CED-46B6-9ECD-0C082BD8F5DB", "versionEndExcluding": "ccs_9.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:foxboro_evo:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE0621CA-DEB5-46C6-8F6C-EABA5DA04DFE", "versionEndExcluding": "ccs_9.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:foxview:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "875225C7-6546-41BB-96DB-450F5C99494E", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:ia_series:*:*:*:*:*:*:*:*", "matchCriteriaId": "9EDC2A27-E072-4D61-9A35-714571A3E9A1", "versionEndExcluding": "ccs_9.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A Credential Management vulnerability exists in FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.) which could cause unauthorized disclosure, modification, or disruption in service when the password is modified without permission."}, {"lang": "es", "value": "Existe una vulnerabilidad de gesti\u00f3n de credenciales en FoxView HMI SCADA (todas las versiones de Foxboro DCS, Foxboro Evo e IA Series anteriores a Foxboro DCS Control Core Services 9.4 (CCS 9.4) y FoxView 10.5.) que podr\u00eda permitir la divulgaci\u00f3n, modificaci\u00f3n o interrupci\u00f3n no autorizada del servicio cuando se modifica la contrase\u00f1a sin permiso."}], "id": "CVE-2018-7793", "lastModified": "2024-11-21T04:12:44.750", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L", "version": "3.0"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-12-24T16:29:00.640", "references": [{"source": "cybersecurity@se.com", "tags": ["Vendor Advisory"], "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-353-03/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-353-03/"}], "sourceIdentifier": "cybersecurity@se.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}