Lucene search
JpcertCVE-2014-7251HistoryDec 06, 2014 - 3:59 p.m.
CVE-2014-7251
2014-12-0615:59:06
CWE-20
jpcert
web.nvd.nist.gov
23
cve-2014-7251
xxe vulnerability
yokogawa electric corporation
fast/tools
nvd
denial of service
cpu consumption
network traffic
arbitrary files
CVSS2
3.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:N/A:P
AI Score
6.5
Confidence
Low
EPSS
0.001
Percentile
27.8%
XML external entity (XXE) vulnerability in the WebHMI server in Yokogawa Electric Corporation FAST/TOOLS before R9.05-SP2 allows local users to cause a denial of service (CPU or network traffic consumption) or read arbitrary files via unspecified vectors.
Affected configurations
Node
yokogawafast\/toolsMatchr9.01
ORyokogawafast\/toolsMatchr9.02
ORyokogawafast\/toolsMatchr9.03
ORyokogawafast\/toolsMatchr9.04
ORyokogawafast\/toolsMatchr9.05
| Vendor | Product | Version | CPE |
|---|---|---|---|
| yokogawa | fast\/tools | r9.01 | cpe:2.3:a:yokogawa:fast\/tools:r9.01:*:*:*:*:*:*:* |
| yokogawa | fast\/tools | r9.02 | cpe:2.3:a:yokogawa:fast\/tools:r9.02:*:*:*:*:*:*:* |
| yokogawa | fast\/tools | r9.03 | cpe:2.3:a:yokogawa:fast\/tools:r9.03:*:*:*:*:*:*:* |
| yokogawa | fast\/tools | r9.04 | cpe:2.3:a:yokogawa:fast\/tools:r9.04:*:*:*:*:*:*:* |
| yokogawa | fast\/tools | r9.05 | cpe:2.3:a:yokogawa:fast\/tools:r9.05:*:*:*:*:*:*:* |
Related
prion
prion
Xxe
2014-12-06 15:59:00
cvelist
cvelist
CVE-2014-7251
2014-12-06 15:00:00
ics
ics
Yokogawa FAST/TOOLS XML External Entity
2018-09-05 12:00:00
jvn
jvn
ptsecurity
ptsecurity
PT-2014-64: XML External Entity Injection in Yokogawa FAST/TOOLS
2012-11-20 00:00:00
nvd
nvd
CVE-2014-7251
2014-12-06 15:59:06
CVSS2
3.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:N/A:P
AI Score
6.5
Confidence
Low
EPSS
0.001
Percentile
27.8%
Related for CVE-2014-7251