CVE-2017-7971 Vulnerability Details

  /     /     /  

CVE-2017-7971 Metadata Quick Info

CVE Published: 25/09/2017 | CVE Updated: 16/09/2024 | CVE Year: 2017
Source: schneider | Vendor: Schneider Electric SE | Product: PowerSCADA Anywhere
Status : PUBLISHED

---

CVE-2017-7971 Description

A vulnerability exists in Schneider Electric\'s PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 that allows the use of outdated cipher suites and improper verification of peer SSL Certificate.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Improper Validaiton of Certificate Expiration
Source: Schneider Electric SE

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).