Search criteria
6 vulnerabilities found for tristation_1131 by schneider-electric
CVE-2020-7485 (GCVE-0-2020-7485)
Vulnerability from nvd – Published: 2020-04-15 21:03 – Updated: 2024-08-04 09:33
VLAI?
Summary
**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1
Severity ?
No CVSS data available.
CWE
- improper access
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0) |
Affected:
TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:19.254Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "improper access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-30T19:37:45",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2020-7485",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)",
"version": {
"version_data": [
{
"version_value": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "improper access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.se.com/ww/en/download/document/SESB-2020-105-01",
"refsource": "MISC",
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2020-7485",
"datePublished": "2020-04-15T21:03:31",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-08-04T09:33:19.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7484 (GCVE-0-2020-7484)
Vulnerability from nvd – Published: 2020-04-15 21:03 – Updated: 2024-08-04 09:33
VLAI?
Summary
**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability with the former 'password' feature could allow a denial of service attack if the user is not following documented guidelines pertaining to dedicated TriStation connection and key-switch protection. This vulnerability was discovered and remediated in versions v4.9.1 and v4.10.1 on May 30, 2013. This feature is not present in version v4.9.1 and v4.10.1 through current. Therefore, the vulnerability is not present in these versions.
Severity ?
No CVSS data available.
CWE
- denial of service
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0) |
Affected:
TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:19.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability with the former \u0027password\u0027 feature could allow a denial of service attack if the user is not following documented guidelines pertaining to dedicated TriStation connection and key-switch protection. This vulnerability was discovered and remediated in versions v4.9.1 and v4.10.1 on May 30, 2013. This feature is not present in version v4.9.1 and v4.10.1 through current. Therefore, the vulnerability is not present in these versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-30T19:36:36",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2020-7484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)",
"version": {
"version_data": [
{
"version_value": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability with the former \u0027password\u0027 feature could allow a denial of service attack if the user is not following documented guidelines pertaining to dedicated TriStation connection and key-switch protection. This vulnerability was discovered and remediated in versions v4.9.1 and v4.10.1 on May 30, 2013. This feature is not present in version v4.9.1 and v4.10.1 through current. Therefore, the vulnerability is not present in these versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.se.com/ww/en/download/document/SESB-2020-105-01",
"refsource": "MISC",
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2020-7484",
"datePublished": "2020-04-15T21:03:24",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-08-04T09:33:19.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7483 (GCVE-0-2020-7483)
Vulnerability from nvd – Published: 2020-04-15 21:03 – Updated: 2024-08-04 09:33
VLAI?
Summary
**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause certain data to be visible on the network when the 'password' feature is enabled. This vulnerability was discovered in and remediated in versions v4.9.1 and v4.10.1 on May 30, 2013. The 'password' feature is an additional optional check performed by TS1131 that it is connected to a specific controller. This data is sent as clear text and is visible on the network. This feature is not present in TriStation 1131 versions v4.9.1 and v4.10.1 through current. Therefore, the vulnerability is not present in these versions.
Severity ?
No CVSS data available.
CWE
- cleartext
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0) |
Affected:
TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:18.776Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause certain data to be visible on the network when the \u0027password\u0027 feature is enabled. This vulnerability was discovered in and remediated in versions v4.9.1 and v4.10.1 on May 30, 2013. The \u0027password\u0027 feature is an additional optional check performed by TS1131 that it is connected to a specific controller. This data is sent as clear text and is visible on the network. This feature is not present in TriStation 1131 versions v4.9.1 and v4.10.1 through current. Therefore, the vulnerability is not present in these versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cleartext",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-30T19:35:50",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2020-7483",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)",
"version": {
"version_data": [
{
"version_value": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause certain data to be visible on the network when the \u0027password\u0027 feature is enabled. This vulnerability was discovered in and remediated in versions v4.9.1 and v4.10.1 on May 30, 2013. The \u0027password\u0027 feature is an additional optional check performed by TS1131 that it is connected to a specific controller. This data is sent as clear text and is visible on the network. This feature is not present in TriStation 1131 versions v4.9.1 and v4.10.1 through current. Therefore, the vulnerability is not present in these versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "cleartext"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.se.com/ww/en/download/document/SESB-2020-105-01",
"refsource": "MISC",
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2020-7483",
"datePublished": "2020-04-15T21:03:17",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-08-04T09:33:18.776Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7485 (GCVE-0-2020-7485)
Vulnerability from cvelistv5 – Published: 2020-04-15 21:03 – Updated: 2024-08-04 09:33
VLAI?
Summary
**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1
Severity ?
No CVSS data available.
CWE
- improper access
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0) |
Affected:
TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:19.254Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "improper access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-30T19:37:45",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2020-7485",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)",
"version": {
"version_data": [
{
"version_value": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "improper access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.se.com/ww/en/download/document/SESB-2020-105-01",
"refsource": "MISC",
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2020-7485",
"datePublished": "2020-04-15T21:03:31",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-08-04T09:33:19.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7484 (GCVE-0-2020-7484)
Vulnerability from cvelistv5 – Published: 2020-04-15 21:03 – Updated: 2024-08-04 09:33
VLAI?
Summary
**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability with the former 'password' feature could allow a denial of service attack if the user is not following documented guidelines pertaining to dedicated TriStation connection and key-switch protection. This vulnerability was discovered and remediated in versions v4.9.1 and v4.10.1 on May 30, 2013. This feature is not present in version v4.9.1 and v4.10.1 through current. Therefore, the vulnerability is not present in these versions.
Severity ?
No CVSS data available.
CWE
- denial of service
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0) |
Affected:
TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:19.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability with the former \u0027password\u0027 feature could allow a denial of service attack if the user is not following documented guidelines pertaining to dedicated TriStation connection and key-switch protection. This vulnerability was discovered and remediated in versions v4.9.1 and v4.10.1 on May 30, 2013. This feature is not present in version v4.9.1 and v4.10.1 through current. Therefore, the vulnerability is not present in these versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-30T19:36:36",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2020-7484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)",
"version": {
"version_data": [
{
"version_value": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability with the former \u0027password\u0027 feature could allow a denial of service attack if the user is not following documented guidelines pertaining to dedicated TriStation connection and key-switch protection. This vulnerability was discovered and remediated in versions v4.9.1 and v4.10.1 on May 30, 2013. This feature is not present in version v4.9.1 and v4.10.1 through current. Therefore, the vulnerability is not present in these versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.se.com/ww/en/download/document/SESB-2020-105-01",
"refsource": "MISC",
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2020-7484",
"datePublished": "2020-04-15T21:03:24",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-08-04T09:33:19.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7483 (GCVE-0-2020-7483)
Vulnerability from cvelistv5 – Published: 2020-04-15 21:03 – Updated: 2024-08-04 09:33
VLAI?
Summary
**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause certain data to be visible on the network when the 'password' feature is enabled. This vulnerability was discovered in and remediated in versions v4.9.1 and v4.10.1 on May 30, 2013. The 'password' feature is an additional optional check performed by TS1131 that it is connected to a specific controller. This data is sent as clear text and is visible on the network. This feature is not present in TriStation 1131 versions v4.9.1 and v4.10.1 through current. Therefore, the vulnerability is not present in these versions.
Severity ?
No CVSS data available.
CWE
- cleartext
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0) |
Affected:
TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:18.776Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause certain data to be visible on the network when the \u0027password\u0027 feature is enabled. This vulnerability was discovered in and remediated in versions v4.9.1 and v4.10.1 on May 30, 2013. The \u0027password\u0027 feature is an additional optional check performed by TS1131 that it is connected to a specific controller. This data is sent as clear text and is visible on the network. This feature is not present in TriStation 1131 versions v4.9.1 and v4.10.1 through current. Therefore, the vulnerability is not present in these versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cleartext",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-30T19:35:50",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2020-7483",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)",
"version": {
"version_data": [
{
"version_value": "TriStation TS1131 (v4.0.0 to v4.9.0, v4.10.0)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause certain data to be visible on the network when the \u0027password\u0027 feature is enabled. This vulnerability was discovered in and remediated in versions v4.9.1 and v4.10.1 on May 30, 2013. The \u0027password\u0027 feature is an additional optional check performed by TS1131 that it is connected to a specific controller. This data is sent as clear text and is visible on the network. This feature is not present in TriStation 1131 versions v4.9.1 and v4.10.1 through current. Therefore, the vulnerability is not present in these versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "cleartext"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.se.com/ww/en/download/document/SESB-2020-105-01",
"refsource": "MISC",
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2020-7483",
"datePublished": "2020-04-15T21:03:17",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-08-04T09:33:18.776Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}