var-201510-0100
Vulnerability from variot
Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 provides different error messages for failed login attempts in unspecified circumstances, which allows remote attackers to obtain sensitive information via a series of requests. Infinite Automation Mango Automation is an open source web-based SCADA (data acquisition and monitoring control), HMI and automation software from Infinite Automation Systems, USA. An arbitrary-file-upload vulnerability 2. Multiple information-disclosure vulnerabilities 3. A command-execution vulnerability 4. An SQL-injection vulnerability 5. A cross-site request forgery vulnerability 6. A cross-site scripting vulnerability Attackers may leverage these issues to steal cookie-based authentication credentials, execute arbitrary script code in the browser, perform unauthorized actions, gain unauthorized access, obtain sensitive information, compromise the application, access or modify data and to execute arbitrary commands in the context of the vulnerable application; other attacks are also possible. It is easy, affordable, and open source.The application is prone to a reflected cross-sitescripting vulnerability due to a failure to properlysanitize user-supplied input to the 'username' POSTparameter in the 'login.htm' script. Mango Automation is a flexible SCADA, HMIAnd Automation software application that allows youto view, log, graph, animate, alarm, and report ondata from sensors, equipment, PLCs, databases, webpages,etc. It is easy, affordable, and open source.The weakness is caused due to the 'login.htm' scriptand how it verifies provided credentials. Attacker canuse this weakness to enumerate valid users on the affectednode.Tested on: Microsoft Windows 7 Professional SP1 (EN) 32/64bitMicrosoft Windows 7 Ultimate SP1 (EN) 32/64bitJetty(9.2.2.v20140723)Java(TM) SE Runtime Environment (build 1.8.0_51-b16)Java HotSpot(TM) Client VM (build 25.51-b03, mixed mode)
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "mango automation",
"scope": "eq",
"trust": 2.2,
"vendor": "infinite automation",
"version": "2.5.5"
},
{
"_id": null,
"model": "mango automation",
"scope": "eq",
"trust": 2.2,
"vendor": "infinite automation",
"version": "2.6.0"
},
{
"_id": null,
"model": "mango automation",
"scope": "eq",
"trust": 1.6,
"vendor": "infinite automation",
"version": "2.5.0"
},
{
"_id": null,
"model": "mango automation",
"scope": "eq",
"trust": 0.8,
"vendor": "infinite automation",
"version": "2.5.x"
},
{
"_id": null,
"model": "mango automation",
"scope": "lt",
"trust": 0.8,
"vendor": "infinite automation",
"version": "2.6.x"
},
{
"_id": null,
"model": "mango automation",
"scope": "eq",
"trust": 0.8,
"vendor": "infinite automation",
"version": "2.6.0 build 430"
},
{
"_id": null,
"model": "mango automation",
"scope": "eq",
"trust": 0.5,
"vendor": "infinite automation",
"version": "2.5.2 and 2.6.0 beta (build 327)"
},
{
"_id": null,
"model": "automation systems mango automation",
"scope": "eq",
"trust": 0.3,
"vendor": "infinite",
"version": "2.6.0"
},
{
"_id": null,
"model": "automation systems mango automation",
"scope": "eq",
"trust": 0.3,
"vendor": "infinite",
"version": "2.5.0"
},
{
"_id": null,
"model": "automation systems mango automation build",
"scope": "ne",
"trust": 0.3,
"vendor": "infinite",
"version": "2.6.0430"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "mango automation",
"version": "2.5.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "mango automation",
"version": "2.5.5"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "mango automation",
"version": "2.6.0"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2015-5261"
},
{
"db": "ZSL",
"id": "ZSL-2015-5259"
},
{
"db": "ZSL",
"id": "ZSL-2015-5258"
},
{
"db": "ZSL",
"id": "ZSL-2015-5257"
},
{
"db": "ZSL",
"id": "ZSL-2015-5256"
},
{
"db": "IVD",
"id": "6d568ec4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07171"
},
{
"db": "BID",
"id": "77331"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005641"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-682"
},
{
"db": "NVD",
"id": "CVE-2015-7902"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:infinite_automation_systems:mango_automation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005641"
}
]
},
"credits": {
"_id": null,
"data": "Vulnerability discovered by Gjoko Krstic",
"sources": [
{
"db": "ZSL",
"id": "ZSL-2015-5261"
},
{
"db": "ZSL",
"id": "ZSL-2015-5259"
},
{
"db": "ZSL",
"id": "ZSL-2015-5258"
},
{
"db": "ZSL",
"id": "ZSL-2015-5257"
},
{
"db": "ZSL",
"id": "ZSL-2015-5256"
}
],
"trust": 0.5
},
"cve": "CVE-2015-7902",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-7902",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-07171",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "6d568ec4-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7902",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7902",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-07171",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-682",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "6d568ec4-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "ZSL",
"id": "ZSL-2015-5261",
"trust": 0.1,
"value": "(4/5)"
},
{
"author": "ZSL",
"id": "ZSL-2015-5259",
"trust": 0.1,
"value": "(4/5)"
},
{
"author": "ZSL",
"id": "ZSL-2015-5258",
"trust": 0.1,
"value": "(3/5)"
},
{
"author": "ZSL",
"id": "ZSL-2015-5257",
"trust": 0.1,
"value": "(3/5)"
},
{
"author": "ZSL",
"id": "ZSL-2015-5256",
"trust": 0.1,
"value": "(1/5)"
},
{
"author": "VULMON",
"id": "CVE-2015-7902",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2015-5261"
},
{
"db": "ZSL",
"id": "ZSL-2015-5259"
},
{
"db": "ZSL",
"id": "ZSL-2015-5258"
},
{
"db": "ZSL",
"id": "ZSL-2015-5257"
},
{
"db": "ZSL",
"id": "ZSL-2015-5256"
},
{
"db": "IVD",
"id": "6d568ec4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07171"
},
{
"db": "VULMON",
"id": "CVE-2015-7902"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005641"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-682"
},
{
"db": "NVD",
"id": "CVE-2015-7902"
}
]
},
"description": {
"_id": null,
"data": "Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 provides different error messages for failed login attempts in unspecified circumstances, which allows remote attackers to obtain sensitive information via a series of requests. Infinite Automation Mango Automation is an open source web-based SCADA (data acquisition and monitoring control), HMI and automation software from Infinite Automation Systems, USA. An arbitrary-file-upload vulnerability\n2. Multiple information-disclosure vulnerabilities\n3. A command-execution vulnerability\n4. An SQL-injection vulnerability\n5. A cross-site request forgery vulnerability\n6. A cross-site scripting vulnerability\nAttackers may leverage these issues to steal cookie-based authentication credentials, execute arbitrary script code in the browser, perform unauthorized actions, gain unauthorized access, obtain sensitive information, compromise the application, access or modify data and to execute arbitrary commands in the context of the vulnerable application; other attacks are also possible. It is easy, affordable, and open source.The application is prone to a reflected cross-sitescripting vulnerability due to a failure to properlysanitize user-supplied input to the \u0027username\u0027 POSTparameter in the \u0027login.htm\u0027 script. Mango Automation is a flexible SCADA, HMIAnd Automation software application that allows youto view, log, graph, animate, alarm, and report ondata from sensors, equipment, PLCs, databases, webpages,etc. It is easy, affordable, and open source.The weakness is caused due to the \u0027login.htm\u0027 scriptand how it verifies provided credentials. Attacker canuse this weakness to enumerate valid users on the affectednode.Tested on: Microsoft Windows 7 Professional SP1 (EN) 32/64bitMicrosoft Windows 7 Ultimate SP1 (EN) 32/64bitJetty(9.2.2.v20140723)Java(TM) SE Runtime Environment (build 1.8.0_51-b16)Java HotSpot(TM) Client VM (build 25.51-b03, mixed mode)",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7902"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005641"
},
{
"db": "CNVD",
"id": "CNVD-2015-07171"
},
{
"db": "BID",
"id": "77331"
},
{
"db": "IVD",
"id": "6d568ec4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZSL",
"id": "ZSL-2015-5261"
},
{
"db": "ZSL",
"id": "ZSL-2015-5259"
},
{
"db": "ZSL",
"id": "ZSL-2015-5258"
},
{
"db": "ZSL",
"id": "ZSL-2015-5257"
},
{
"db": "ZSL",
"id": "ZSL-2015-5256"
},
{
"db": "VULMON",
"id": "CVE-2015-7902"
}
],
"trust": 3.15
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.zeroscience.mk/codes/mango_cmdexec.txt",
"trust": 0.1,
"type": "poc"
},
{
"reference": "https://www.zeroscience.mk/codes/mango_sql.txt",
"trust": 0.1,
"type": "poc"
},
{
"reference": "https://www.zeroscience.mk/codes/mango_csrf.txt",
"trust": 0.1,
"type": "poc"
},
{
"reference": "https://www.zeroscience.mk/codes/mango_xss.txt",
"trust": 0.1,
"type": "poc"
},
{
"reference": "https://www.zeroscience.mk/codes/mango_userenum.txt",
"trust": 0.1,
"type": "poc"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=38338",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2015-5261"
},
{
"db": "ZSL",
"id": "ZSL-2015-5259"
},
{
"db": "ZSL",
"id": "ZSL-2015-5258"
},
{
"db": "ZSL",
"id": "ZSL-2015-5257"
},
{
"db": "ZSL",
"id": "ZSL-2015-5256"
},
{
"db": "VULMON",
"id": "CVE-2015-7902"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-7902",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-15-300-02",
"trust": 3.5
},
{
"db": "CNVD",
"id": "CNVD-2015-07171",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201510-682",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005641",
"trust": 0.8
},
{
"db": "EXPLOIT-DB",
"id": "38338",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-15-300-02A",
"trust": 0.6
},
{
"db": "BID",
"id": "77331",
"trust": 0.5
},
{
"db": "AUSCERT",
"id": "ESB-2015.2713",
"trust": 0.2
},
{
"db": "IVD",
"id": "6D568EC4-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "NVD",
"id": "CVE-2015-7901",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133734",
"trust": 0.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005640",
"trust": 0.1
},
{
"db": "ZSL",
"id": "ZSL-2015-5261",
"trust": 0.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005642",
"trust": 0.1
},
{
"db": "NVD",
"id": "CVE-2015-7903",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133732",
"trust": 0.1
},
{
"db": "ZSL",
"id": "ZSL-2015-5259",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133731",
"trust": 0.1
},
{
"db": "NVD",
"id": "CVE-2015-6493",
"trust": 0.1
},
{
"db": "NSFOCUS",
"id": "31400",
"trust": 0.1
},
{
"db": "ZSL",
"id": "ZSL-2015-5258",
"trust": 0.1
},
{
"db": "CXSECURITY",
"id": "WLB-2015090186",
"trust": 0.1
},
{
"db": "NVD",
"id": "CVE-2015-6494",
"trust": 0.1
},
{
"db": "NSFOCUS",
"id": "31399",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133727",
"trust": 0.1
},
{
"db": "ZSL",
"id": "ZSL-2015-5257",
"trust": 0.1
},
{
"db": "CXSECURITY",
"id": "WLB-2015090185",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133726",
"trust": 0.1
},
{
"db": "ZSL",
"id": "ZSL-2015-5256",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-7902",
"trust": 0.1
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2015-5261"
},
{
"db": "ZSL",
"id": "ZSL-2015-5259"
},
{
"db": "ZSL",
"id": "ZSL-2015-5258"
},
{
"db": "ZSL",
"id": "ZSL-2015-5257"
},
{
"db": "ZSL",
"id": "ZSL-2015-5256"
},
{
"db": "IVD",
"id": "6d568ec4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07171"
},
{
"db": "VULMON",
"id": "CVE-2015-7902"
},
{
"db": "BID",
"id": "77331"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005641"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-682"
},
{
"db": "NVD",
"id": "CVE-2015-7902"
}
]
},
"id": "VAR-201510-0100",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "6d568ec4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07171"
}
],
"trust": 1.4025641000000002
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "6d568ec4-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07171"
}
]
},
"last_update_date": "2024-11-23T21:43:47.306000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Mango Automation Core with All Features Download",
"trust": 0.8,
"url": "http://infiniteautomation.com/index.php/download"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://infiniteautomation.com/index.php/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005641"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005641"
},
{
"db": "NVD",
"id": "CVE-2015-7902"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-300-02"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7902"
},
{
"trust": 0.9,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7902"
},
{
"trust": 0.6,
"url": "https://www.exploit-db.com/exploits/38338/"
},
{
"trust": 0.6,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-300-02a"
},
{
"trust": 0.5,
"url": "http://infiniteautomation.com/forum/topic/1995/mango-security-testing"
},
{
"trust": 0.5,
"url": "http://infiniteautomation.com/index.php/what-s-new/entry/what-s-new-in-mango-automation-2-6-0-released-october-20th-2016"
},
{
"trust": 0.5,
"url": "http://infiniteautomation.com/forum/topic/1997/mango-automation-2-6-released"
},
{
"trust": 0.3,
"url": "http://infiniteautomation.com/"
},
{
"trust": 0.2,
"url": "https://www.auscert.org.au/render.html?it=27342"
},
{
"trust": 0.2,
"url": "http://www.securityfocus.com/bid/77331"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/133734"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/106864"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7901"
},
{
"trust": 0.1,
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7901"
},
{
"trust": 0.1,
"url": "http://jvndb.jvn.jp/ja/contents/2015/jvndb-2015-005640.html"
},
{
"trust": 0.1,
"url": "http://www.securityweek.com/infinite-automation-patches-flaws-scadahmi-product"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/133732"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/106862"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7903"
},
{
"trust": 0.1,
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7903"
},
{
"trust": 0.1,
"url": "http://www.cvedetails.com/vendor/15200/infinite-automation-systems.html"
},
{
"trust": 0.1,
"url": "http://jvndb.jvn.jp/ja/contents/2015/jvndb-2015-005642.html"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/133731"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/106858"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6493"
},
{
"trust": 0.1,
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6493"
},
{
"trust": 0.1,
"url": "http://www.nsfocus.net/vulndb/31400"
},
{
"trust": 0.1,
"url": "http://chemical-facility-security-news.blogspot.com/2015/10/ics-cert-publishes-three-advisories.html"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/133727"
},
{
"trust": 0.1,
"url": "https://cxsecurity.com/issue/wlb-2015090186"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/106786"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6494"
},
{
"trust": 0.1,
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6494"
},
{
"trust": 0.1,
"url": "http://www.nsfocus.net/vulndb/31399"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/133726"
},
{
"trust": 0.1,
"url": "https://cxsecurity.com/issue/wlb-2015090185"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/106937"
},
{
"trust": 0.1,
"url": "http://www.cnnvd.org.cn/vulnerability/show/cv_id/2015100682"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2015-5261"
},
{
"db": "ZSL",
"id": "ZSL-2015-5259"
},
{
"db": "ZSL",
"id": "ZSL-2015-5258"
},
{
"db": "ZSL",
"id": "ZSL-2015-5257"
},
{
"db": "ZSL",
"id": "ZSL-2015-5256"
},
{
"db": "CNVD",
"id": "CNVD-2015-07171"
},
{
"db": "VULMON",
"id": "CVE-2015-7902"
},
{
"db": "BID",
"id": "77331"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005641"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-682"
},
{
"db": "NVD",
"id": "CVE-2015-7902"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZSL",
"id": "ZSL-2015-5261",
"ident": null
},
{
"db": "ZSL",
"id": "ZSL-2015-5259",
"ident": null
},
{
"db": "ZSL",
"id": "ZSL-2015-5258",
"ident": null
},
{
"db": "ZSL",
"id": "ZSL-2015-5257",
"ident": null
},
{
"db": "ZSL",
"id": "ZSL-2015-5256",
"ident": null
},
{
"db": "IVD",
"id": "6d568ec4-2351-11e6-abef-000c29c66e3d",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2015-07171",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2015-7902",
"ident": null
},
{
"db": "BID",
"id": "77331",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005641",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201510-682",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-7902",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-09-26T00:00:00",
"db": "ZSL",
"id": "ZSL-2015-5261",
"ident": null
},
{
"date": "2015-09-26T00:00:00",
"db": "ZSL",
"id": "ZSL-2015-5259",
"ident": null
},
{
"date": "2015-09-26T00:00:00",
"db": "ZSL",
"id": "ZSL-2015-5258",
"ident": null
},
{
"date": "2015-09-26T00:00:00",
"db": "ZSL",
"id": "ZSL-2015-5257",
"ident": null
},
{
"date": "2015-09-26T00:00:00",
"db": "ZSL",
"id": "ZSL-2015-5256",
"ident": null
},
{
"date": "2015-11-02T00:00:00",
"db": "IVD",
"id": "6d568ec4-2351-11e6-abef-000c29c66e3d",
"ident": null
},
{
"date": "2015-11-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07171",
"ident": null
},
{
"date": "2015-10-28T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7902",
"ident": null
},
{
"date": "2015-10-27T00:00:00",
"db": "BID",
"id": "77331",
"ident": null
},
{
"date": "2015-10-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005641",
"ident": null
},
{
"date": "2015-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-682",
"ident": null
},
{
"date": "2015-10-28T10:59:22.580000",
"db": "NVD",
"id": "CVE-2015-7902",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2016-01-04T00:00:00",
"db": "ZSL",
"id": "ZSL-2015-5261",
"ident": null
},
{
"date": "2015-10-29T00:00:00",
"db": "ZSL",
"id": "ZSL-2015-5259",
"ident": null
},
{
"date": "2015-10-29T00:00:00",
"db": "ZSL",
"id": "ZSL-2015-5258",
"ident": null
},
{
"date": "2015-10-29T00:00:00",
"db": "ZSL",
"id": "ZSL-2015-5257",
"ident": null
},
{
"date": "2015-10-29T00:00:00",
"db": "ZSL",
"id": "ZSL-2015-5256",
"ident": null
},
{
"date": "2015-11-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07171",
"ident": null
},
{
"date": "2015-10-28T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7902",
"ident": null
},
{
"date": "2015-10-27T00:00:00",
"db": "BID",
"id": "77331",
"ident": null
},
{
"date": "2015-10-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005641",
"ident": null
},
{
"date": "2015-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-682",
"ident": null
},
{
"date": "2024-11-21T02:37:38.407000",
"db": "NVD",
"id": "CVE-2015-7902",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-682"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Infinite Automation Mango Automation Vulnerability in which important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005641"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-682"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…