StruxureWare SCADA Expert ClearSCADA Remote Security Bypass

Medium - Nessus Plugin ID 80359

Synopsis

The remote web server is affected by an authentication bypass vulnerability.

Description

The remote web server is running a version of StruxureWare SCADA Expert ClearSCADA (formerly Schneider Electric ClearSCADA) prior to version 2010 R3.2 / 2014 R1.1, or a version in the range 2013 R1 to 2013 R2.1. It is therefore affected by an authentication bypass vulnerability because the default guest account is not restricted.

Solution

Change the default policy and remove guest account access to DBServer.

See Also

http://www.nessus.org/u?4755812c

http://www.nessus.org/u?a8f8e976

Plugin Details

Severity: Medium

ID: 80359

File Name: scada_clearscada_remote_security_bypass.nbin

Version: 1.68

Type: remote

Family: SCADA

Published: 1/5/2015

Updated: 7/19/2022

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:schneider-electric:clearscada, cpe:/a:schneider-electric:scada_expert_clearscada

Exploit Ease: No known exploits are available

Patch Publication Date: 10/6/2014

Vulnerability Publication Date: 10/6/2014

Reference Information

CVE: CVE-2014-5412

BID: 69840

ICSA: 14-259-01A