This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.
The remote host is affected by multiple vulnerabilities.
The remote host is a Honeywell FALCON XL Web SCADA controller that is
running a firmware version affected by the following vulnerabilities :
- The change password page can be accessed without
authentication to determine users' password hashes,
which can allow a remote attacker to gain administrative
- The web server on the device is affected by multiple
cross-site scripting vulnerabilities. (CVE-2014-3110)
See also :
Contact the vendor for the latest available updates.
Risk factor :
High / CVSS Base Score : 7.6
CVSS Temporal Score : 6.6
Public Exploit Available : true