CVE-2018-17896 Vulnerability Details

  /     /     /  

CVE-2018-17896 Metadata Quick Info

CVE Published: 12/10/2018 | CVE Updated: 17/09/2024 | CVE Year: 2018
Source: icscert | Vendor: Yokogawa | Product: STARDOM Controllers FCJ,FCN-100,FCN-RTU, FCN-500
Status : PUBLISHED

---

CVE-2018-17896 Description

Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The affected controllers utilize hard-coded credentials which may allow an attacker gain unauthorized access to the maintenance functions and obtain or modify information. This attack can be executed only during maintenance work.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-798
CWE Name: USE OF HARD-CODED CREDENTIALS CWE-798
Source: Yokogawa

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).