Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-2297 (GCVE-0-2016-2297)
Vulnerability from cvelistv5 – Published: 2016-05-14 16:00 – Updated: 2024-08-05 23:24
VLAI
EPSS
Summary
Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an "access command shell-like feature."
Severity
9.4 (Critical)
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://seclists.org/fulldisclosure/2016/May/52 | mailing-listx_refsource_FULLDISC |
| https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01 | x_refsource_MISC |
Date Public
2016-05-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:48.632Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160517 [ICS] Meteocontrol WEB\u0027log Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/May/52"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Meteocontrol WEB\u0027log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an \"access command shell-like feature.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-28T20:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "20160517 [ICS] Meteocontrol WEB\u0027log Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/May/52"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-2297",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Meteocontrol WEB\u0027log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an \"access command shell-like feature.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160517 [ICS] Meteocontrol WEB\u0027log Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/May/52"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-2297",
"datePublished": "2016-05-14T16:00:00.000Z",
"dateReserved": "2016-02-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T23:24:48.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2016-2297",
"date": "2026-06-27",
"epss": "0.04383",
"percentile": "0.90076"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-2297\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2016-05-14T16:59:03.227\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Meteocontrol WEB\u0027log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an \\\"access command shell-like feature.\\\"\"},{\"lang\":\"es\",\"value\":\"Meteocontrol WEB\u0027log Basic 100, Light, Pro y Pro Unlimited permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de una \\\"funcionalidad en forma de shell de comando de acceso\\\".\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L\",\"baseScore\":9.4,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":5.5}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:P\",\"baseScore\":9.7,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":9.5,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:meteocontrol:web\\\\\u0027log_basic_100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F464A7F9-0F62-4A25-A1B7-D46CD10795FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:meteocontrol:web\\\\\u0027log_light:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95A88480-463E-4F32-A8CC-A6A42E26FD6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:meteocontrol:web\\\\\u0027log_pro:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C486FD1-E045-48BB-9451-D5AB446073D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:meteocontrol:web\\\\\u0027log_pro_unlimited:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07528FD4-93AD-49DA-99DD-1FD927953F83\"}]}]}],\"references\":[{\"url\":\"http://seclists.org/fulldisclosure/2016/May/52\",\"source\":\"ics-cert@hq.dhs.gov\"},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://seclists.org/fulldisclosure/2016/May/52\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}"
}
}
Title
Meteocontrol WEB'log任意命令执行漏洞
Description
Meteocontrol WEB'log是一套基于Web使用不同的连接设备来提供能源和动力配置管理功能的SCADA系统。
多款Meteocontrol WEB'log产品的access command shell-like功能中存在安全漏洞,允许远程攻击者可利用漏洞提交特殊请求执行任意命令。
Severity
高
Patch Name
Meteocontrol WEB'log任意命令执行漏洞的补丁
Patch Description
Meteocontrol WEB'log是一套基于Web使用不同的连接设备来提供能源和动力配置管理功能的SCADA系统。
多款Meteocontrol WEB'log产品的access command shell-like功能中存在安全漏洞,允许远程攻击者可利用漏洞提交特殊请求执行任意命令。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可参考如下厂商提供的安全补丁以修复该漏洞: http://us.meteocontrol.com/
Reference
https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01
Impacted products
| Name | ["Meteocontrol WEB'log Basic 100", "Meteocontrol WEB'log Light", "Meteocontrol WEB'log ProPro Unlimited"] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2016-2297"
}
},
"description": "Meteocontrol WEB\u0027log\u662f\u4e00\u5957\u57fa\u4e8eWeb\u4f7f\u7528\u4e0d\u540c\u7684\u8fde\u63a5\u8bbe\u5907\u6765\u63d0\u4f9b\u80fd\u6e90\u548c\u52a8\u529b\u914d\u7f6e\u7ba1\u7406\u529f\u80fd\u7684SCADA\u7cfb\u7edf\u3002\r\n\r\n\u591a\u6b3eMeteocontrol WEB\u0027log\u4ea7\u54c1\u7684access command shell-like\u529f\u80fd\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u8bf7\u6c42\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002",
"discovererName": "unknown",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://us.meteocontrol.com/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2016-03196",
"openTime": "2016-05-17",
"patchDescription": "Meteocontrol WEB\u0027log\u662f\u4e00\u5957\u57fa\u4e8eWeb\u4f7f\u7528\u4e0d\u540c\u7684\u8fde\u63a5\u8bbe\u5907\u6765\u63d0\u4f9b\u80fd\u6e90\u548c\u52a8\u529b\u914d\u7f6e\u7ba1\u7406\u529f\u80fd\u7684SCADA\u7cfb\u7edf\u3002\r\n\r\n\u591a\u6b3eMeteocontrol WEB\u0027log\u4ea7\u54c1\u7684access command shell-like\u529f\u80fd\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u8bf7\u6c42\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Meteocontrol WEB\u0027log\u4efb\u610f\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Meteocontrol WEB\u0027log Basic 100",
"Meteocontrol WEB\u0027log Light",
"Meteocontrol WEB\u0027log ProPro Unlimited"
]
},
"referenceLink": "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01",
"serverity": "\u9ad8",
"submitTime": "2016-05-15",
"title": "Meteocontrol WEB\u0027log\u4efb\u610f\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e"
}
FKIE_CVE-2016-2297
Vulnerability from fkie_nvd - Published: 2016-05-14 16:59 - Updated: 2026-06-17 00:43
Severity
Summary
Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an "access command shell-like feature."
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://seclists.org/fulldisclosure/2016/May/52 | ||
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2016/May/52 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| meteocontrol | web\'log_basic_100 | - | |
| meteocontrol | web\'log_light | - | |
| meteocontrol | web\'log_pro | - | |
| meteocontrol | web\'log_pro_unlimited | - |
{
"affected": [
{
"affectedData": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"source": "ics-cert@hq.dhs.gov"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:meteocontrol:web\\\u0027log_basic_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F464A7F9-0F62-4A25-A1B7-D46CD10795FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:meteocontrol:web\\\u0027log_light:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95A88480-463E-4F32-A8CC-A6A42E26FD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:meteocontrol:web\\\u0027log_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C486FD1-E045-48BB-9451-D5AB446073D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:meteocontrol:web\\\u0027log_pro_unlimited:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07528FD4-93AD-49DA-99DD-1FD927953F83",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Meteocontrol WEB\u0027log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an \"access command shell-like feature.\""
},
{
"lang": "es",
"value": "Meteocontrol WEB\u0027log Basic 100, Light, Pro y Pro Unlimited permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de una \"funcionalidad en forma de shell de comando de acceso\"."
}
],
"id": "CVE-2016-2297",
"lastModified": "2026-06-17T00:43:46.677",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 9.7,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 9.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-14T16:59:03.227",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"url": "http://seclists.org/fulldisclosure/2016/May/52"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2016/May/52"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-5FQV-VRX3-3H8M
Vulnerability from github – Published: 2022-05-17 03:37 – Updated: 2022-05-17 03:37
VLAI
Details
Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an "access command shell-like feature."
Severity
9.4 (Critical)
{
"affected": [],
"aliases": [
"CVE-2016-2297"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-05-14T16:59:00Z",
"severity": "CRITICAL"
},
"details": "Meteocontrol WEB\u0027log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an \"access command shell-like feature.\"",
"id": "GHSA-5fqv-vrx3-3h8m",
"modified": "2022-05-17T03:37:38Z",
"published": "2022-05-17T03:37:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2297"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2016/May/52"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"type": "CVSS_V3"
}
]
}
GSD-2016-2297
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an "access command shell-like feature."
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2016-2297",
"description": "Meteocontrol WEB\u0027log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an \"access command shell-like feature.\"",
"id": "GSD-2016-2297"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2016-2297"
],
"details": "Meteocontrol WEB\u0027log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an \"access command shell-like feature.\"",
"id": "GSD-2016-2297",
"modified": "2023-12-13T01:21:20.213471Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-2297",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Meteocontrol WEB\u0027log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an \"access command shell-like feature.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160517 [ICS] Meteocontrol WEB\u0027log Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/May/52"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:meteocontrol:web\\\u0027log_pro_unlimited:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:meteocontrol:web\\\u0027log_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:meteocontrol:web\\\u0027log_light:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:meteocontrol:web\\\u0027log_basic_100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-2297"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Meteocontrol WEB\u0027log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an \"access command shell-like feature.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01"
},
{
"name": "20160517 [ICS] Meteocontrol WEB\u0027log Multiple Vulnerabilities",
"refsource": "FULLDISC",
"tags": [],
"url": "http://seclists.org/fulldisclosure/2016/May/52"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 9.7,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 9.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.5
}
},
"lastModifiedDate": "2016-11-30T03:04Z",
"publishedDate": "2016-05-14T16:59Z"
}
}
}
ICSA-16-133-01A
Vulnerability from csaf_cisa - Published: 2016-02-13 07:00 - Updated: 2025-06-05 21:41Summary
Meteocontrol WEB'log Vulnerabilities (Update A)
Notes
Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
CISA Disclaimer: This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Recommended Practices: CISA recommends users take defensive measures to minimize the risk of exploitation.
Recommended Practices: Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices: Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices: When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices: Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices: CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
9.4 (Critical)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Meteocontrol WEB'log Basic 100: vers:all/*
Meteocontrol / WEB'log Basic 100
|
vers:all/* |
Mitigation
fix
|
|
|
Meteocontrol WEB'log Light: vers:all/*
Meteocontrol / WEB'log Light
|
vers:all/* |
Mitigation
fix
|
|
|
Meteocontrol WEB'log Pro: vers:all/*
Meteocontrol / WEB'log Pro
|
vers:all/* |
Mitigation
fix
|
|
|
Meteocontrol WEB'log Pro Unlimited: vers:all/*
Meteocontrol / WEB'log Pro Unlimited
|
vers:all/* |
Mitigation
fix
|
9.4 (Critical)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Meteocontrol WEB'log Basic 100: vers:all/*
Meteocontrol / WEB'log Basic 100
|
vers:all/* |
Mitigation
fix
|
|
|
Meteocontrol WEB'log Light: vers:all/*
Meteocontrol / WEB'log Light
|
vers:all/* |
Mitigation
fix
|
|
|
Meteocontrol WEB'log Pro: vers:all/*
Meteocontrol / WEB'log Pro
|
vers:all/* |
Mitigation
fix
|
|
|
Meteocontrol WEB'log Pro Unlimited: vers:all/*
Meteocontrol / WEB'log Pro Unlimited
|
vers:all/* |
Mitigation
fix
|
9.4 (Critical)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Meteocontrol WEB'log Basic 100: vers:all/*
Meteocontrol / WEB'log Basic 100
|
vers:all/* |
Mitigation
fix
|
|
|
Meteocontrol WEB'log Light: vers:all/*
Meteocontrol / WEB'log Light
|
vers:all/* |
Mitigation
fix
|
|
|
Meteocontrol WEB'log Pro: vers:all/*
Meteocontrol / WEB'log Pro
|
vers:all/* |
Mitigation
fix
|
|
|
Meteocontrol WEB'log Pro Unlimited: vers:all/*
Meteocontrol / WEB'log Pro Unlimited
|
vers:all/* |
Mitigation
fix
|
9.8 (Critical)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Meteocontrol WEB'log Basic 100: vers:all/*
Meteocontrol / WEB'log Basic 100
|
vers:all/* |
Mitigation
fix
|
|
|
Meteocontrol WEB'log Light: vers:all/*
Meteocontrol / WEB'log Light
|
vers:all/* |
Mitigation
fix
|
|
|
Meteocontrol WEB'log Pro: vers:all/*
Meteocontrol / WEB'log Pro
|
vers:all/* |
Mitigation
fix
|
|
|
Meteocontrol WEB'log Pro Unlimited: vers:all/*
Meteocontrol / WEB'log Pro Unlimited
|
vers:all/* |
Mitigation
fix
|
References
10 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-16-133-01A JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2016/icsa-16-133-01a.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-16-133-01A - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-16-133-01a"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "Meteocontrol WEB\u0027log Vulnerabilities (Update A)",
"tracking": {
"current_release_date": "2025-06-05T21:41:29.855368Z",
"generator": {
"date": "2025-06-05T21:41:29.855255Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-16-133-01A",
"initial_release_date": "2016-02-13T07:00:00.000000Z",
"revision_history": [
{
"date": "2016-02-13T07:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2025-06-05T21:41:29.855368Z",
"legacy_version": "CSAF Conversion",
"number": "2",
"summary": "Advisory converted into a CSAF"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Meteocontrol WEB\u0027log Basic 100: vers:all/*",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "WEB\u0027log Basic 100"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Meteocontrol WEB\u0027log Light: vers:all/*",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "WEB\u0027log Light"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Meteocontrol WEB\u0027log Pro: vers:all/*",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "WEB\u0027log Pro"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Meteocontrol WEB\u0027log Pro Unlimited: vers:all/*",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "WEB\u0027log Pro Unlimited"
}
],
"category": "vendor",
"name": "Meteocontrol"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-2296",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "summary",
"text": "Meteocontrol WEB\u0027log Basic 100, Light, Pro, and Pro Unlimited does not require authentication for \"post-admin\" login pages, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Meteocontrol strongly recommends users install the WEB\u0027log behind a firewall. It is not intended to be used with a direct connection to the Internet. Meteocontrol has produced a new version that fixes the vulnerabilities. It can be downloaded at: (http://us.meteocontrol.com/downloads/.)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "http://us.meteocontrol.com/downloads/."
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2016-2297",
"cwe": {
"id": "CWE-553",
"name": "Command Shell in Externally Accessible Directory"
},
"notes": [
{
"category": "summary",
"text": "Meteocontrol WEB\u0027log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an \"access command shell-like feature.\"",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Meteocontrol strongly recommends users install the WEB\u0027log behind a firewall. It is not intended to be used with a direct connection to the Internet. Meteocontrol has produced a new version that fixes the vulnerabilities. It can be downloaded at: (http://us.meteocontrol.com/downloads/.)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "http://us.meteocontrol.com/downloads/."
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2016-4504",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"notes": [
{
"category": "summary",
"text": "A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB\u0027log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. There is no CSRF Token generated per page or per function.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Meteocontrol strongly recommends users install the WEB\u0027log behind a firewall. It is not intended to be used with a direct connection to the Internet. Meteocontrol has produced a new version that fixes the vulnerabilities. It can be downloaded at: (http://us.meteocontrol.com/downloads/.)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "http://us.meteocontrol.com/downloads/."
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2016-2298",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "Meteocontrol WEB\u0027log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to obtain sensitive cleartext information via unspecified vectors.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Meteocontrol strongly recommends users install the WEB\u0027log behind a firewall. It is not intended to be used with a direct connection to the Internet. Meteocontrol has produced a new version that fixes the vulnerabilities. It can be downloaded at: (http://us.meteocontrol.com/downloads/.)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "http://us.meteocontrol.com/downloads/."
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
}
]
}
VAR-201605-0031
Vulnerability from variot - Updated: 2025-04-13 23:09Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an "access command shell-like feature.". Meteocontrol WEB'log is a SCADA system based on the Web that uses different connected devices to provide energy and power configuration management functions. Multiple Meteocontrol WEB'log products are prone to a remote command-execution vulnerability. An attacker can execute arbitrary system commands within the context of the affected application
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201605-0031",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "web\\\u0027log pro unlimited",
"scope": "eq",
"trust": 1.6,
"vendor": "meteocontrol",
"version": null
},
{
"model": "web\\\u0027log light",
"scope": "eq",
"trust": 1.6,
"vendor": "meteocontrol",
"version": null
},
{
"model": "web\\\u0027log pro",
"scope": "eq",
"trust": 1.6,
"vendor": "meteocontrol",
"version": null
},
{
"model": "web\\\u0027log basic 100",
"scope": "eq",
"trust": 1.6,
"vendor": "meteocontrol",
"version": null
},
{
"model": "web\u0027log light",
"scope": null,
"trust": 1.4,
"vendor": "meteocontrol",
"version": null
},
{
"model": "web\u0027log basic 100",
"scope": null,
"trust": 0.8,
"vendor": "meteocontrol",
"version": null
},
{
"model": "web\u0027log pro",
"scope": null,
"trust": 0.8,
"vendor": "meteocontrol",
"version": null
},
{
"model": "web\u0027log pro unlimited",
"scope": null,
"trust": 0.8,
"vendor": "meteocontrol",
"version": null
},
{
"model": "web\u0027log basic",
"scope": "eq",
"trust": 0.6,
"vendor": "meteocontrol",
"version": "100"
},
{
"model": "web\u0027log propro unlimited",
"scope": null,
"trust": 0.6,
"vendor": "meteocontrol",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "web log basic 100",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "web log light",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "web log pro",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "web log pro unlimited",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "55321782-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-03196"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002743"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-374"
},
{
"db": "NVD",
"id": "CVE-2016-2297"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:meteocontrol:web%27log_basic_100",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:meteocontrol:web%27log_light",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:meteocontrol:web%27log_pro",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:meteocontrol:web%27log_pro_unlimited",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002743"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Karn Ganeshen",
"sources": [
{
"db": "BID",
"id": "90632"
}
],
"trust": 0.3
},
"cve": "CVE-2016-2297",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 9.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-2297",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-03196",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "55321782-2351-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-2297",
"impactScore": 5.5,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-2297",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-2297",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2016-03196",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-374",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "55321782-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "55321782-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-03196"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002743"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-374"
},
{
"db": "NVD",
"id": "CVE-2016-2297"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Meteocontrol WEB\u0027log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an \"access command shell-like feature.\". Meteocontrol WEB\u0027log is a SCADA system based on the Web that uses different connected devices to provide energy and power configuration management functions. Multiple Meteocontrol WEB\u0027log products are prone to a remote command-execution vulnerability. \nAn attacker can execute arbitrary system commands within the context of the affected application",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2297"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002743"
},
{
"db": "CNVD",
"id": "CNVD-2016-03196"
},
{
"db": "BID",
"id": "90632"
},
{
"db": "IVD",
"id": "55321782-2351-11e6-abef-000c29c66e3d"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2297",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-16-133-01",
"trust": 3.3
},
{
"db": "CNVD",
"id": "CNVD-2016-03196",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201605-374",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002743",
"trust": 0.8
},
{
"db": "BID",
"id": "90632",
"trust": 0.3
},
{
"db": "IVD",
"id": "55321782-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "55321782-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-03196"
},
{
"db": "BID",
"id": "90632"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002743"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-374"
},
{
"db": "NVD",
"id": "CVE-2016-2297"
}
]
},
"id": "VAR-201605-0031",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "55321782-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-03196"
}
],
"trust": 1.70476191
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "55321782-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-03196"
}
]
},
"last_update_date": "2025-04-13T23:09:35.996000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "WEB\u0027LOG",
"trust": 0.8,
"url": "http://www.meteocontrol.com/en/industrial-line/data-logger-weblogs/weblog/"
},
{
"title": "DOWNLOADS",
"trust": 0.8,
"url": "http://us.meteocontrol.com/downloads/"
},
{
"title": "Meteocontrol WEB\u0027log patch for arbitrary command execution vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/75961"
},
{
"title": "Meteocontrol WEB\u0027log Fixes for arbitrary command execution vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61692"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03196"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002743"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-374"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2297"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-133-01"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2016/may/52"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2297"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2297"
},
{
"trust": 0.3,
"url": "http://www.meteocontrol.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03196"
},
{
"db": "BID",
"id": "90632"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002743"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-374"
},
{
"db": "NVD",
"id": "CVE-2016-2297"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "55321782-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-03196"
},
{
"db": "BID",
"id": "90632"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002743"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-374"
},
{
"db": "NVD",
"id": "CVE-2016-2297"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-17T00:00:00",
"db": "IVD",
"id": "55321782-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2016-05-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-03196"
},
{
"date": "2016-05-12T00:00:00",
"db": "BID",
"id": "90632"
},
{
"date": "2016-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002743"
},
{
"date": "2016-05-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-374"
},
{
"date": "2016-05-14T16:59:03.227000",
"db": "NVD",
"id": "CVE-2016-2297"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-03196"
},
{
"date": "2016-07-06T14:41:00",
"db": "BID",
"id": "90632"
},
{
"date": "2016-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002743"
},
{
"date": "2016-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-374"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-2297"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-374"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Meteocontrol WEB\u0027log Arbitrary command execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "55321782-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-03196"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-374"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-374"
}
],
"trust": 0.6
}
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…