Ecava IntegraXor < 4.1.4369 Project Directory Information Disclosure

High Nessus Plugin ID 72107


The remote Windows host contains a SCADA application that is affected by an information disclosure vulnerability.


The version of IntegraXor installed on the remote host is a version prior to 4.1 Build 4369. It is, therefore, reportedly affected by an information disclosure vulnerability due to credentials being stored in plaintext. An attacker can potentially exploit this vulnerability to disclose credentials and possibly achieve remote code execution.


Upgrade to version 4.1.4369 or later.

See Also

Plugin Details

Severity: High

ID: 72107

File Name: scada_integraxor_4_1_4369.nbin

Version: $Revision: 1.22 $

Type: local

Family: SCADA

Published: 2014/01/23

Modified: 2018/01/29

Dependencies: 53548

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ecava:integraxor

Required KB Items: SCADA/Apps/Ecava/IntegraXor/Installed

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2013/12/21

Vulnerability Publication Date: 2013/12/15

Reference Information

CVE: CVE-2014-0752

BID: 64351

OSVDB: 101082

ICSA: 14-008-01