CVE-2014-5413

Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 uses the MD5 algorithm for an X.509 certificate, which makes it easier for remote attackers to spoof servers via a cryptographic attack against this algorithm.
References
Link Resource
https://ics-cert.us-cert.gov/advisories/ICSA-14-259-01 Third Party Advisory US Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-14-259-01 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:aveva:clearscada:2010:r3:*:*:*:*:*:*
cpe:2.3:a:aveva:clearscada:2010:r3.1:*:*:*:*:*:*
cpe:2.3:a:aveva:clearscada:2013:r1:*:*:*:*:*:*
cpe:2.3:a:aveva:clearscada:2013:r1.1:*:*:*:*:*:*
cpe:2.3:a:aveva:clearscada:2013:r1.1a:*:*:*:*:*:*
cpe:2.3:a:aveva:clearscada:2013:r1.2:*:*:*:*:*:*
cpe:2.3:a:aveva:clearscada:2013:r2:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:scada_expert_clearscada:2013:r2.1:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:scada_expert_clearscada:2014:r1:*:*:*:*:*:*

History

21 Nov 2024, 02:12

Type Values Removed Values Added
References () https://ics-cert.us-cert.gov/advisories/ICSA-14-259-01 - Third Party Advisory, US Government Resource () https://ics-cert.us-cert.gov/advisories/ICSA-14-259-01 - Third Party Advisory, US Government Resource

Information

Published : 2014-09-18 10:55

Updated : 2024-11-21 02:12


NVD link : CVE-2014-5413

Mitre link : CVE-2014-5413

CVE.ORG link : CVE-2014-5413


JSON object : View

Products Affected

aveva

  • clearscada

schneider-electric

  • scada_expert_clearscada
CWE
CWE-310

Cryptographic Issues