1. CVE-Search
  2. CVE-2017-12730
ID CVE-2017-12730
Summary An Unquoted Search Path issue was discovered in mySCADA myPRO Versions 7.0.26 and prior. Application services utilize unquoted search path elements, which could allow an attacker to execute arbitrary code with elevated privileges.
References
Vulnerable Configurations
  • cpe:2.3:a:myscada:mypro:7:*:*:*:*:*:*:*
    cpe:2.3:a:myscada:mypro:7:*:*:*:*:*:*:*
  • cpe:2.3:a:myscada:mypro:7.0.26:*:*:*:*:*:*:*
    cpe:2.3:a:myscada:mypro:7.0.26:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 09-10-2019 - 23:23)
Impact:
Exploitability:
CWE CWE-428
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 100815
misc https://ics-cert.us-cert.gov/advisories/ICSA-17-255-01
Last major update 09-10-2019 - 23:23
Published 06-10-2017 - 04:29
Last modified 09-10-2019 - 23:23
Back to Top