var-201405-0282
Vulnerability from variot
SQL injection vulnerability in the LiveData service in CSWorks before 2.5.5233.0 allows remote attackers to execute arbitrary SQL commands via vectors related to pathnames contained in web API requests. Authentication is not required to exploit this vulnerability. The specific flaw exists within the data source templating. CSWorks does not properly sanitize or validate the data used to construct read and write paths which can lead to SQL injection. An attacker may be able to leverage this vulnerability to achieve remote code execution. CSWorks is a software architecture for building WEB-based HMI, SCADA and M2M industrial automation solutions. CSWorks is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, to access or modify data, or to exploit vulnerabilities in the underlying database. CSWorks 2.5.5050.0 and prior are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0282",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "csworks",
"scope": "eq",
"trust": 1.6,
"vendor": "controlsystemworks",
"version": "2.0.4115.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.6,
"vendor": "controlsystemworks",
"version": "1.4.3900.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.6,
"vendor": "controlsystemworks",
"version": "1.7.5000.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.6,
"vendor": "controlsystemworks",
"version": "1.4.3860.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.6,
"vendor": "controlsystemworks",
"version": "2.0.4115.1"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.6,
"vendor": "controlsystemworks",
"version": "1.4.3850.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.6,
"vendor": "controlsystemworks",
"version": "1.4.4000.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.6,
"vendor": "controlsystemworks",
"version": "1.4.3880.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.6,
"vendor": "controlsystemworks",
"version": "1.7.4050.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "2.5.4912.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "1.0.720.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "1.0.601.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "1.2.3800.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "1.2.3730.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "2.5.4770.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "1.0.901.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "1.4.3820.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "2.5.4770.1"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "2.1.4386.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "1.0.3560.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "1.0.3580.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "1.1.3600.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "1.0.813.0"
},
{
"model": "csworks",
"scope": "lte",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "2.5.5050.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "2.1.4560.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "1.0.801.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "1.4.3830.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "1.0.623.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "1.0.612.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "1.0.3540.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "1.1.3674.0"
},
{
"model": "csworks",
"scope": "eq",
"trust": 1.0,
"vendor": "controlsystemworks",
"version": "1.1.3700.0"
},
{
"model": "csworks",
"scope": "lt",
"trust": 0.8,
"vendor": "csworks",
"version": "2.5.5233.0"
},
{
"model": "csworks",
"scope": null,
"trust": 0.7,
"vendor": "csworks",
"version": null
},
{
"model": "csworks",
"scope": "eq",
"trust": 0.6,
"vendor": "csworks",
"version": "2.x"
},
{
"model": "csworks",
"scope": "eq",
"trust": 0.6,
"vendor": "controlsystemworks",
"version": "2.5.5050.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.0.601.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.0.612.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.0.623.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.0.720.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.0.801.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.0.813.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.0.901.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.0.3540.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.0.3560.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.0.3580.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.1.3600.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.1.3674.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.1.3700.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.2.3730.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.2.3800.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.4.3820.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.4.3830.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.4.3850.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.4.3860.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.4.3880.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.4.3900.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.4.4000.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.7.4050.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "1.7.5000.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "2.0.4115.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "2.0.4115.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "2.1.4386.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "2.1.4560.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "2.5.4770.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "2.5.4770.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "2.5.4912.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "csworks",
"version": "*"
},
{
"model": "csworks",
"scope": "eq",
"trust": 0.3,
"vendor": "csworks",
"version": "2.0.41151"
},
{
"model": "csworks",
"scope": "eq",
"trust": 0.3,
"vendor": "csworks",
"version": "2.0.41150"
}
],
"sources": [
{
"db": "IVD",
"id": "7d769c41-463f-11e9-a9b8-000c29342cb1"
},
{
"db": "IVD",
"id": "f996f9aa-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-298"
},
{
"db": "CNVD",
"id": "CNVD-2014-03157"
},
{
"db": "BID",
"id": "67427"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002540"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-383"
},
{
"db": "NVD",
"id": "CVE-2014-2351"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:controlsystemworks:csworks",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002540"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "John Leitch",
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-298"
}
],
"trust": 0.7
},
"cve": "CVE-2014-2351",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-2351",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 2.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-03157",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d769c41-463f-11e9-a9b8-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "f996f9aa-2351-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-2351",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-2351",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2014-2351",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2014-03157",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-383",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d769c41-463f-11e9-a9b8-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "f996f9aa-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d769c41-463f-11e9-a9b8-000c29342cb1"
},
{
"db": "IVD",
"id": "f996f9aa-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-298"
},
{
"db": "CNVD",
"id": "CNVD-2014-03157"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002540"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-383"
},
{
"db": "NVD",
"id": "CVE-2014-2351"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection vulnerability in the LiveData service in CSWorks before 2.5.5233.0 allows remote attackers to execute arbitrary SQL commands via vectors related to pathnames contained in web API requests. Authentication is not required to exploit this vulnerability. The specific flaw exists within the data source templating. CSWorks does not properly sanitize or validate the data used to construct read and write paths which can lead to SQL injection. An attacker may be able to leverage this vulnerability to achieve remote code execution. CSWorks is a software architecture for building WEB-based HMI, SCADA and M2M industrial automation solutions. CSWorks is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. \nA successful exploit could allow an attacker to compromise the application, to access or modify data, or to exploit vulnerabilities in the underlying database. \nCSWorks 2.5.5050.0 and prior are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2351"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002540"
},
{
"db": "ZDI",
"id": "ZDI-14-298"
},
{
"db": "CNVD",
"id": "CNVD-2014-03157"
},
{
"db": "BID",
"id": "67427"
},
{
"db": "IVD",
"id": "7d769c41-463f-11e9-a9b8-000c29342cb1"
},
{
"db": "IVD",
"id": "f996f9aa-2351-11e6-abef-000c29c66e3d"
}
],
"trust": 3.42
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-2351",
"trust": 4.4
},
{
"db": "ICS CERT",
"id": "ICSA-14-135-01",
"trust": 2.4
},
{
"db": "BID",
"id": "67427",
"trust": 1.9
},
{
"db": "CNVD",
"id": "CNVD-2014-03157",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201405-383",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002540",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2191",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-14-298",
"trust": 0.7
},
{
"db": "IVD",
"id": "7D769C41-463F-11E9-A9B8-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "F996F9AA-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "7d769c41-463f-11e9-a9b8-000c29342cb1"
},
{
"db": "IVD",
"id": "f996f9aa-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-298"
},
{
"db": "CNVD",
"id": "CNVD-2014-03157"
},
{
"db": "BID",
"id": "67427"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002540"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-383"
},
{
"db": "NVD",
"id": "CVE-2014-2351"
}
]
},
"id": "VAR-201405-0282",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d769c41-463f-11e9-a9b8-000c29342cb1"
},
{
"db": "IVD",
"id": "f996f9aa-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03157"
}
],
"trust": 1.6428571299999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d769c41-463f-11e9-a9b8-000c29342cb1"
},
{
"db": "IVD",
"id": "f996f9aa-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03157"
}
]
},
"last_update_date": "2024-11-23T22:18:37.183000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Important: CSWorks security release 2.5.5233.0",
"trust": 0.8,
"url": "http://www.controlsystemworks.com/blogengine/post/2014/05/08/Important-CSWorks-security-release-2552330"
},
{
"title": "CSWorks has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-135-01"
},
{
"title": "CSWorks LiveData Service Web API SQL Injection Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/45759"
},
{
"title": "CSWorks-2.5.5233.0-x64",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=50013"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-298"
},
{
"db": "CNVD",
"id": "CNVD-2014-03157"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002540"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-383"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002540"
},
{
"db": "NVD",
"id": "CVE-2014-2351"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-135-01"
},
{
"trust": 2.2,
"url": "http://www.controlsystemworks.com/blogengine/post/2014/05/08/important-csworks-security-release-2552330"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/67427"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2351"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2351"
},
{
"trust": 0.3,
"url": "http://www.controlsystemworks.com/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-298"
},
{
"db": "CNVD",
"id": "CNVD-2014-03157"
},
{
"db": "BID",
"id": "67427"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002540"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-383"
},
{
"db": "NVD",
"id": "CVE-2014-2351"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d769c41-463f-11e9-a9b8-000c29342cb1"
},
{
"db": "IVD",
"id": "f996f9aa-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-298"
},
{
"db": "CNVD",
"id": "CNVD-2014-03157"
},
{
"db": "BID",
"id": "67427"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002540"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-383"
},
{
"db": "NVD",
"id": "CVE-2014-2351"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-22T00:00:00",
"db": "IVD",
"id": "7d769c41-463f-11e9-a9b8-000c29342cb1"
},
{
"date": "2014-05-22T00:00:00",
"db": "IVD",
"id": "f996f9aa-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-08-27T00:00:00",
"db": "ZDI",
"id": "ZDI-14-298"
},
{
"date": "2014-05-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-03157"
},
{
"date": "2014-05-08T00:00:00",
"db": "BID",
"id": "67427"
},
{
"date": "2014-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002540"
},
{
"date": "2014-05-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-383"
},
{
"date": "2014-05-20T11:13:37.873000",
"db": "NVD",
"id": "CVE-2014-2351"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-08-27T00:00:00",
"db": "ZDI",
"id": "ZDI-14-298"
},
{
"date": "2014-05-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-03157"
},
{
"date": "2014-09-01T00:12:00",
"db": "BID",
"id": "67427"
},
{
"date": "2014-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002540"
},
{
"date": "2014-05-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-383"
},
{
"date": "2024-11-21T02:06:07.940000",
"db": "NVD",
"id": "CVE-2014-2351"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-383"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CSWorks of LiveData In service SQL Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002540"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection",
"sources": [
{
"db": "IVD",
"id": "7d769c41-463f-11e9-a9b8-000c29342cb1"
},
{
"db": "IVD",
"id": "f996f9aa-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-383"
}
],
"trust": 1.0
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…