Lucene search
MitreCVE-2011-3496HistorySep 16, 2011 - 5:26 p.m.
CVE-2011-3496
2011-09-1617:26:14
CWE-20
mitre
web.nvd.nist.gov
35
cve
2011
3496
measuresoft
scadapro
remote attackers
execute
arbitrary commands
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.9
Confidence
Low
EPSS
0.109
Percentile
95.1%
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) BF, (2) OF, or (3) EF command.
Affected configurations
Node
measuresoftscadaproRange≤4.0.0
ORmeasuresoftscadaproMatch2.1
ORmeasuresoftscadaproMatch2.2
ORmeasuresoftscadaproMatch2.3
ORmeasuresoftscadaproMatch2.4
ORmeasuresoftscadaproMatch2.4.1
ORmeasuresoftscadaproMatch2.4.2
ORmeasuresoftscadaproMatch2.4.3
ORmeasuresoftscadaproMatch2.4.4
ORmeasuresoftscadaproMatch2.4.5
ORmeasuresoftscadaproMatch2.4.6
ORmeasuresoftscadaproMatch2.5
ORmeasuresoftscadaproMatch2.5.1
ORmeasuresoftscadaproMatch2.5.2
ORmeasuresoftscadaproMatch2.5.3
ORmeasuresoftscadaproMatch2.5.4
ORmeasuresoftscadaproMatch2.5.5
ORmeasuresoftscadaproMatch2.6.0
ORmeasuresoftscadaproMatch2.7.0
ORmeasuresoftscadaproMatch2.7.1
ORmeasuresoftscadaproMatch2.7.2
ORmeasuresoftscadaproMatch2.8.0
ORmeasuresoftscadaproMatch2.9.0
ORmeasuresoftscadaproMatch3.1.0
ORmeasuresoftscadaproMatch3.2.8
ORmeasuresoftscadaproMatch3.2.9
ORmeasuresoftscadaproMatch3.3.0
ORmeasuresoftscadaproMatch3.3.1
ORmeasuresoftscadaproMatch3.3.2
ORmeasuresoftscadaproMatch3.9.0
ORmeasuresoftscadaproMatch3.9.1
ORmeasuresoftscadaproMatch3.9.2
ORmeasuresoftscadaproMatch3.9.3
ORmeasuresoftscadaproMatch3.9.4
ORmeasuresoftscadaproMatch3.9.5
ORmeasuresoftscadaproMatch3.9.6
ORmeasuresoftscadaproMatch3.9.7
ORmeasuresoftscadaproMatch3.9.8
ORmeasuresoftscadaproMatch3.9.9
ORmeasuresoftscadaproMatch3.9.10
ORmeasuresoftscadaproMatch3.9.11
ORmeasuresoftscadaproMatch3.9.12
ORmeasuresoftscadaproMatch3.9.13
ORmeasuresoftscadaproMatch3.9.14
ORmeasuresoftscadaproMatch3.9.15
| Vendor | Product | Version | CPE |
|---|---|---|---|
| measuresoft | scadapro | * | cpe:2.3:a:measuresoft:scadapro:*:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.1 | cpe:2.3:a:measuresoft:scadapro:2.1:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.2 | cpe:2.3:a:measuresoft:scadapro:2.2:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.3 | cpe:2.3:a:measuresoft:scadapro:2.3:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.4 | cpe:2.3:a:measuresoft:scadapro:2.4:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.4.1 | cpe:2.3:a:measuresoft:scadapro:2.4.1:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.4.2 | cpe:2.3:a:measuresoft:scadapro:2.4.2:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.4.3 | cpe:2.3:a:measuresoft:scadapro:2.4.3:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.4.4 | cpe:2.3:a:measuresoft:scadapro:2.4.4:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.4.5 | cpe:2.3:a:measuresoft:scadapro:2.4.5:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2011-3496
2011-09-16 17:00:00
prion
prion
Command injection
2011-09-16 17:26:00
nvd
nvd
CVE-2011-3496
2011-09-16 17:26:14
exploitdb
exploitdb
Measuresoft ScadaPro 4.0.0 - Remote Command Execution (Metasploit)
2011-09-16 00:00:00
Measuresoft ScadaPro 4.0.0 - Multiple Vulnerabilities
2011-09-14 00:00:00
openvas
openvas
Measuresoft ScadaPro Multiple Security Vulnerabilities
2012-12-19 00:00:00
ics
ics
Measuresoft ScadaPro Vulnerabilities
2018-09-06 12:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.9
Confidence
Low
EPSS
0.109
Percentile
95.1%
Related for CVE-2011-3496