CVE-2014-5413

Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 uses the MD5 algorithm for an X.509 certificate, which makes it easier for remote attackers to spoof servers via a cryptographic attack against this algorithm.
References
Link Resource
https://ics-cert.us-cert.gov/advisories/ICSA-14-259-01 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:aveva:clearscada:2010:r3:*:*:*:*:*:*
cpe:2.3:a:aveva:clearscada:2010:r3.1:*:*:*:*:*:*
cpe:2.3:a:aveva:clearscada:2013:r1:*:*:*:*:*:*
cpe:2.3:a:aveva:clearscada:2013:r1.1:*:*:*:*:*:*
cpe:2.3:a:aveva:clearscada:2013:r1.1a:*:*:*:*:*:*
cpe:2.3:a:aveva:clearscada:2013:r1.2:*:*:*:*:*:*
cpe:2.3:a:aveva:clearscada:2013:r2:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:scada_expert_clearscada:2013:r2.1:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:scada_expert_clearscada:2014:r1:*:*:*:*:*:*

History

No history.

Information

Published : 2014-09-18 10:55

Updated : 2024-02-28 12:20


NVD link : CVE-2014-5413

Mitre link : CVE-2014-5413

CVE.ORG link : CVE-2014-5413


JSON object : View

Products Affected

schneider-electric

  • scada_expert_clearscada

aveva

  • clearscada
CWE
CWE-310

Cryptographic Issues