CVE-2016-5787

{"id": "CVE-2016-5787", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.7, "exploitabilityScore": 2.0}]}, "published": "2016-07-15T16:59:11.423", "references": [{"url": "http://www.securityfocus.com/bid/91727", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://ge-ip.force.com/communities/en_US/Article/GE-Digital-Security-Advisory-GED-16-01", "tags": ["Permissions Required", "Vendor Advisory"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-194-02", "tags": ["Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}, {"url": "http://www.securityfocus.com/bid/91727", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://ge-ip.force.com/communities/en_US/Article/GE-Digital-Security-Advisory-GED-16-01", "tags": ["Permissions Required", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-194-02", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-668"}]}], "descriptions": [{"lang": "en", "value": "General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors."}, {"lang": "es", "value": "General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY en versiones anteriores a 8.2 SIM 27 no maneja adecuadamente el servicio DACLs, lo que permite a usuarios locales modificar una configuraci\u00f3n de servicio a trav\u00e9s de vectores no especificados."}], "lastModified": "2024-11-21T02:55:00.607", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ge:cimplicity:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D612AFA-8D00-4BD8-805F-CF0F081CE58C", "versionEndExcluding": "8.2"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35CA3DDA-4A19-4387-B8C5-675985E5039E"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5ED995F-8528-42EC-BFD3-E0A042565AB0"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim11:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BDA2D7C-B50E-44AB-AF5C-56208C1E54AE"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim12:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B2A334B-2DFA-486D-B6D9-ABCCD0247FD7"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim13:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7A22369-313E-4088-9514-B01368F764C9"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim14:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5CFD955C-4298-446C-9286-7B0D84509191"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim15:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68551205-68AF-4757-90CC-15161BC7384E"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim16:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94FD0998-A644-445F-9DA7-A857A981CC24"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim17:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D96AC352-07AE-41A5-9805-080DF9DD4B2C"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim18:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "419CD7DE-CCA1-4547-8339-748B840489F4"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim19:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC1E1F21-9BC7-4ACA-91ED-4D4AECF1672F"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDB6AC3A-82C8-4C49-8B54-CF6684529CC9"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim20:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4D0541D-E2E1-406F-AF2B-B482C07FD55D"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim21:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A652C12-24BB-4CF6-9C28-35FE350CF403"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim22:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6B4ED3A-56E1-439D-8573-16CF442B45FD"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim23:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD9B715D-48C1-4F44-8EE4-C10828B1EE8A"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim24:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F33C2217-650A-4969-9006-471D869D63AF"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim25:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8331490A-A63D-4903-9CD6-D687EA1F6DA3"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim26:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD71870C-1213-4369-804A-5E67C79C5B1C"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75F41815-D16F-4C29-B1DF-E5F956FD464F"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BF44E77-00D5-471C-A4AF-E7A905BA299E"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0995915D-025A-46E6-8E2F-237E33369E75"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABBDCBBB-AD6A-4752-9C07-22C4B6494057"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0D0F15D-849A-4344-8725-7996CA9DACA5"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79494C7A-F9E9-4DBB-A44B-5897948338DC"}, {"criteria": "cpe:2.3:a:ge:cimplicity:8.2:sim9:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2977EC39-E34B-4A07-98B9-A1F1909332FD"}], "operator": "OR"}]}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}