Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for citectscada_reports by schneider-electric

    CVE-2011-4036 (GCVE-0-2011-4036)

    Vulnerability from nvd – Published: 2011-12-02 11:00 – Updated: 2024-09-16 18:13
    VLAI
    Summary
    Directory traversal vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier allows remote attackers to read arbitrary files via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:53:32.604Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier allows remote attackers to read arbitrary files via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2011-12-02T11:00:00.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2011-4036",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier allows remote attackers to read arbitrary files via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page",
                  "refsource": "CONFIRM",
                  "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
                },
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
                },
                {
                  "name": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695",
                  "refsource": "CONFIRM",
                  "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2011-4036",
        "datePublished": "2011-12-02T11:00:00.000Z",
        "dateReserved": "2011-10-13T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:13:14.310Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-4035 (GCVE-0-2011-4035)

    Vulnerability from nvd – Published: 2011-12-02 11:00 – Updated: 2024-08-06 23:53
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2011-10-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:53:32.591Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "schneider-unspec-xss(71503)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71503"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-10-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "schneider-unspec-xss(71503)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71503"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2011-4035",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "schneider-unspec-xss(71503)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71503"
                },
                {
                  "name": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page",
                  "refsource": "CONFIRM",
                  "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
                },
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
                },
                {
                  "name": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695",
                  "refsource": "CONFIRM",
                  "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2011-4035",
        "datePublished": "2011-12-02T11:00:00.000Z",
        "dateReserved": "2011-10-13T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:53:32.591Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-4034 (GCVE-0-2011-4034)

    Vulnerability from nvd – Published: 2011-12-02 11:00 – Updated: 2024-09-16 23:16
    VLAI
    Summary
    Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:53:32.633Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2011-12-02T11:00:00.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2011-4034",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page",
                  "refsource": "CONFIRM",
                  "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
                },
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
                },
                {
                  "name": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695",
                  "refsource": "CONFIRM",
                  "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2011-4034",
        "datePublished": "2011-12-02T11:00:00.000Z",
        "dateReserved": "2011-10-13T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:16:13.957Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-4033 (GCVE-0-2011-4033)

    Vulnerability from nvd – Published: 2011-12-02 11:00 – Updated: 2024-09-17 00:31
    VLAI
    Summary
    Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to cause a denial of service via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:53:32.616Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to cause a denial of service via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2011-12-02T11:00:00.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2011-4033",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to cause a denial of service via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page",
                  "refsource": "CONFIRM",
                  "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
                },
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
                },
                {
                  "name": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695",
                  "refsource": "CONFIRM",
                  "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2011-4033",
        "datePublished": "2011-12-02T11:00:00.000Z",
        "dateReserved": "2011-10-13T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:31:42.117Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-4035 (GCVE-0-2011-4035)

    Vulnerability from cvelistv5 – Published: 2011-12-02 11:00 – Updated: 2024-08-06 23:53
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2011-10-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:53:32.591Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "schneider-unspec-xss(71503)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71503"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-10-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "schneider-unspec-xss(71503)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71503"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2011-4035",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "schneider-unspec-xss(71503)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71503"
                },
                {
                  "name": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page",
                  "refsource": "CONFIRM",
                  "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
                },
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
                },
                {
                  "name": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695",
                  "refsource": "CONFIRM",
                  "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2011-4035",
        "datePublished": "2011-12-02T11:00:00.000Z",
        "dateReserved": "2011-10-13T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:53:32.591Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-4034 (GCVE-0-2011-4034)

    Vulnerability from cvelistv5 – Published: 2011-12-02 11:00 – Updated: 2024-09-16 23:16
    VLAI
    Summary
    Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:53:32.633Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2011-12-02T11:00:00.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2011-4034",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page",
                  "refsource": "CONFIRM",
                  "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
                },
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
                },
                {
                  "name": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695",
                  "refsource": "CONFIRM",
                  "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2011-4034",
        "datePublished": "2011-12-02T11:00:00.000Z",
        "dateReserved": "2011-10-13T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:16:13.957Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-4036 (GCVE-0-2011-4036)

    Vulnerability from cvelistv5 – Published: 2011-12-02 11:00 – Updated: 2024-09-16 18:13
    VLAI
    Summary
    Directory traversal vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier allows remote attackers to read arbitrary files via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:53:32.604Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier allows remote attackers to read arbitrary files via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2011-12-02T11:00:00.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2011-4036",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier allows remote attackers to read arbitrary files via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page",
                  "refsource": "CONFIRM",
                  "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
                },
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
                },
                {
                  "name": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695",
                  "refsource": "CONFIRM",
                  "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2011-4036",
        "datePublished": "2011-12-02T11:00:00.000Z",
        "dateReserved": "2011-10-13T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:13:14.310Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-4033 (GCVE-0-2011-4033)

    Vulnerability from cvelistv5 – Published: 2011-12-02 11:00 – Updated: 2024-09-17 00:31
    VLAI
    Summary
    Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to cause a denial of service via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:53:32.616Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to cause a denial of service via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2011-12-02T11:00:00.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2011-4033",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to cause a denial of service via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page",
                  "refsource": "CONFIRM",
                  "url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
                },
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
                },
                {
                  "name": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695",
                  "refsource": "CONFIRM",
                  "url": "http://www.citect.com/index.php?option=com_content\u0026view=article\u0026id=1656\u0026Itemid=1695"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2011-4033",
        "datePublished": "2011-12-02T11:00:00.000Z",
        "dateReserved": "2011-10-13T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:31:42.117Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }