Lucene search
HistorySep 16, 2011 - 5:26 p.m.
CVE-2011-3496
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
High
EPSS
0.109
Percentile
95.1%
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) BF, (2) OF, or (3) EF command.
Affected configurations
Node
measuresoftscadaproRange≤4.0.0
ORmeasuresoftscadaproMatch2.1
ORmeasuresoftscadaproMatch2.2
ORmeasuresoftscadaproMatch2.3
ORmeasuresoftscadaproMatch2.4
ORmeasuresoftscadaproMatch2.4.1
ORmeasuresoftscadaproMatch2.4.2
ORmeasuresoftscadaproMatch2.4.3
ORmeasuresoftscadaproMatch2.4.4
ORmeasuresoftscadaproMatch2.4.5
ORmeasuresoftscadaproMatch2.4.6
ORmeasuresoftscadaproMatch2.5
ORmeasuresoftscadaproMatch2.5.1
ORmeasuresoftscadaproMatch2.5.2
ORmeasuresoftscadaproMatch2.5.3
ORmeasuresoftscadaproMatch2.5.4
ORmeasuresoftscadaproMatch2.5.5
ORmeasuresoftscadaproMatch2.6.0
ORmeasuresoftscadaproMatch2.7.0
ORmeasuresoftscadaproMatch2.7.1
ORmeasuresoftscadaproMatch2.7.2
ORmeasuresoftscadaproMatch2.8.0
ORmeasuresoftscadaproMatch2.9.0
ORmeasuresoftscadaproMatch3.1.0
ORmeasuresoftscadaproMatch3.2.8
ORmeasuresoftscadaproMatch3.2.9
ORmeasuresoftscadaproMatch3.3.0
ORmeasuresoftscadaproMatch3.3.1
ORmeasuresoftscadaproMatch3.3.2
ORmeasuresoftscadaproMatch3.9.0
ORmeasuresoftscadaproMatch3.9.1
ORmeasuresoftscadaproMatch3.9.2
ORmeasuresoftscadaproMatch3.9.3
ORmeasuresoftscadaproMatch3.9.4
ORmeasuresoftscadaproMatch3.9.5
ORmeasuresoftscadaproMatch3.9.6
ORmeasuresoftscadaproMatch3.9.7
ORmeasuresoftscadaproMatch3.9.8
ORmeasuresoftscadaproMatch3.9.9
ORmeasuresoftscadaproMatch3.9.10
ORmeasuresoftscadaproMatch3.9.11
ORmeasuresoftscadaproMatch3.9.12
ORmeasuresoftscadaproMatch3.9.13
ORmeasuresoftscadaproMatch3.9.14
ORmeasuresoftscadaproMatch3.9.15
| Vendor | Product | Version | CPE |
|---|---|---|---|
| measuresoft | scadapro | * | cpe:2.3:a:measuresoft:scadapro:*:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.1 | cpe:2.3:a:measuresoft:scadapro:2.1:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.2 | cpe:2.3:a:measuresoft:scadapro:2.2:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.3 | cpe:2.3:a:measuresoft:scadapro:2.3:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.4 | cpe:2.3:a:measuresoft:scadapro:2.4:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.4.1 | cpe:2.3:a:measuresoft:scadapro:2.4.1:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.4.2 | cpe:2.3:a:measuresoft:scadapro:2.4.2:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.4.3 | cpe:2.3:a:measuresoft:scadapro:2.4.3:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.4.4 | cpe:2.3:a:measuresoft:scadapro:2.4.4:*:*:*:*:*:*:* |
| measuresoft | scadapro | 2.4.5 | cpe:2.3:a:measuresoft:scadapro:2.4.5:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2011-3496
2011-09-16 17:00:00
cve
cve
CVE-2011-3496
2011-09-16 17:26:14
prion
prion
Command injection
2011-09-16 17:26:00
exploitdb
exploitdb
Measuresoft ScadaPro 4.0.0 - Remote Command Execution (Metasploit)
2011-09-16 00:00:00
Measuresoft ScadaPro 4.0.0 - Multiple Vulnerabilities
2011-09-14 00:00:00
openvas
openvas
Measuresoft ScadaPro Multiple Security Vulnerabilities
2012-12-19 00:00:00
ics
ics
Measuresoft ScadaPro Vulnerabilities
2018-09-06 12:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
High
EPSS
0.109
Percentile
95.1%
Related for NVD:CVE-2011-3496