Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveIcscertCVE-2012-6069
HistoryJan 21, 2013 - 9:55 p.m.

CVE-2012-6069

2013-01-2121:55:01
CWE-22
icscert
web.nvd.nist.gov
39
cve
codesys
vulnerability
directory traversal
remote attackers
tcp listener service

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

0.014

Percentile

86.2%

JSON

Directory traversal vulnerability in the Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x allows remote attackers to read, overwrite, or create arbitrary files via a … (dot dot) in a request to the TCP listener service.

Affected configurations

Nvd
Node
3s-softwarecodesys_runtime_systemMatch2.4.0
Node
3s-softwarecodesys_runtime_systemMatch2.3.9.8
OR
3s-softwarecodesys_runtime_systemMatch2.3.9.35
OR
3s-softwarecodesys_runtime_systemMatch2.3.9.36
OR
3s-softwarecodesys_runtime_systemMatch2.3.9.37
VendorProductVersionCPE
3s-softwarecodesys_runtime_system2.4.0cpe:2.3:a:3s-software:codesys_runtime_system:2.4.0:*:*:*:*:*:*:*
3s-softwarecodesys_runtime_system2.3.9.8cpe:2.3:a:3s-software:codesys_runtime_system:2.3.9.8:*:*:*:*:*:*:*
3s-softwarecodesys_runtime_system2.3.9.35cpe:2.3:a:3s-software:codesys_runtime_system:2.3.9.35:*:*:*:*:*:*:*
3s-softwarecodesys_runtime_system2.3.9.36cpe:2.3:a:3s-software:codesys_runtime_system:2.3.9.36:*:*:*:*:*:*:*
3s-softwarecodesys_runtime_system2.3.9.37cpe:2.3:a:3s-software:codesys_runtime_system:2.3.9.37:*:*:*:*:*:*:*

Related

nvd 1
cvelist 1
prion 1
openvas 1
ics 2
nvd
nvd
CVE-2012-6069
2013-01-21 21:55:01
cvelist
cvelist
CVE-2012-6069
2013-01-21 21:00:00
prion
prion
Directory traversal
2013-01-21 21:55:00
openvas
openvas
CODESYS Multiple Vulnerabilities (Oct 2012) - Active Check
2012-10-29 00:00:00
ics
ics
3S CoDeSys (Update A)
2020-09-24 12:00:00
Festo CECX-X-(C1/M1) Controller Vulnerabilities
2018-09-06 12:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

0.014

Percentile

86.2%

JSON
Related for CVE-2012-6069
nvd1cvelist1prion1openvas1ics2