CVE-2011-3496

{"id": "CVE-2011-3496", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-09-16T17:26:14.747", "references": [{"url": "http://aluigi.altervista.org/adv/scadapro_1-adv.txt", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/8382", "source": "cve@mitre.org"}, {"url": "http://www.exploit-db.com/exploits/17848", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-04.pdf", "tags": ["US Government Resource"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) BF, (2) OF, or (3) EF command."}, {"lang": "es", "value": "service.exe de Measuresoft ScadaPro 4.0.0 y versiones anteriores permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de metacaracteres de shell en un comando (1) BF, (2) OF, o (3) EF command."}], "lastModified": "2012-02-14T04:08:47.447", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:measuresoft:scadapro:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBFF5B3D-DABA-4E92-AC69-9998F288AA2B", "versionEndIncluding": "4.0.0"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74F85C2D-3377-4B8C-AF4B-FD01B0083794"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3D0C2F7-8054-4EA7-A693-137A17659C79"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86A0AD83-C41A-40F2-95BA-F3CEB36FF94D"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "597AFF74-46ED-4D6F-8BCE-504C74FBBEF6"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1F33262-DE1E-4B8F-AFB9-F7BC299EAFF9"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7EEDC896-7F2A-40E7-ACCE-9C980F94E6FD"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD97BE73-E811-4781-BFCE-5E9152E3BB36"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7778862C-7D8C-4526-BDA4-C250F9D429BE"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.4.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F86E1457-0402-4D0E-8987-2EE76D7433CB"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.4.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA5165C7-A10F-4031-8BE3-AF498670C2CE"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E1994D66-D899-43B2-BA68-227D00B393DC"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC28F1F0-DB4D-4F18-8C35-2A02CE0EC62F"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "651948B3-3E2A-40E3-9DAB-632D1B2F6B04"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B94500F-3900-4B2B-B5D8-6717F53D8E1D"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93F4124D-9FD8-4AE0-8CA7-3C6221793EDE"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6E993F5-FA92-40E1-80F3-55D5C9997764"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "385F7BD9-3673-468A-B763-589DA146FCBF"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABFE8459-F14D-47F0-837F-43DF6C135A3B"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02306481-E4AF-426E-9CD1-8AF9AEFCF83B"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0616A546-65FD-4031-867F-A563A713EC41"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "862D8D68-F1E8-4296-B4A9-69BE4DCFD30E"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:2.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74ADC027-F5E4-4333-9F8D-D78995ED29A2"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78E84AEE-31D9-4C24-B43A-842F3797214A"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.2.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9481EED9-65E7-4526-BA63-157754F573EB"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.2.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A24F0D39-69D7-4551-8224-409EE89A9D24"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F04369CC-50E5-4ADC-BA6E-9A6691DF4FA2"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3219CBC3-5FB0-4F7C-B85E-81E08681B6EB"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93369CE3-F5B5-4646-90B3-8CD153B0F4D4"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7CF4079-FFB3-4014-8782-E6606AAB659F"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "763F55F8-4249-4872-856B-CF5A975345B0"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3405AE26-4017-4B6F-9B55-A295CE748617"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.9.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "825EAF60-1956-41C9-986E-381B2835040D"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3932E319-BCFA-4D52-97CA-02994762169C"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.9.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58B02AA7-2DB9-41D3-BE91-CC8763875512"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.9.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CDA1B435-B62C-4033-A5A2-1E602E1505C4"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.9.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3503871F-01AC-43F8-A062-E7989504B9F0"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.9.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49B77571-7906-4448-AB5D-12BBF1CB9A65"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.9.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3B62A37-8C25-45F8-BB2F-8E7408482113"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.9.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A88F29C4-1569-4DE2-99D6-B432CCBFBC56"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.9.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82B5B15E-C98D-43B6-BB34-D8FF2A2AC734"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.9.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03951392-1524-468D-9E1F-0EC0A766EA8F"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.9.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B17D19A-383D-482B-B2B4-4377028234EB"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.9.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16A82A50-EA8C-44AE-A290-CC44FF4F4E2D"}, {"criteria": "cpe:2.3:a:measuresoft:scadapro:3.9.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FA791E9-0DE0-47F1-BF6F-1A58AD76C4DA"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}