CVE-2014-0752

The SCADA server in Ecava IntegraXor before 4.1.4369 allows remote attackers to read arbitrary project backup files via a crafted URL.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ecava:integraxor:*:*:*:*:*:*:*:*
cpe:2.3:a:ecava:integraxor:3.5.3900.5:*:*:*:*:*:*:*
cpe:2.3:a:ecava:integraxor:3.5.3900.10:*:*:*:*:*:*:*
cpe:2.3:a:ecava:integraxor:3.6.4000.0:*:*:*:*:*:*:*
cpe:2.3:a:ecava:integraxor:3.60.4061:*:*:*:*:*:*:*
cpe:2.3:a:ecava:integraxor:3.71:*:*:*:*:*:*:*
cpe:2.3:a:ecava:integraxor:3.71.4200:*:*:*:*:*:*:*
cpe:2.3:a:ecava:integraxor:3.72:*:*:*:*:*:*:*
cpe:2.3:a:ecava:integraxor:4.00:*:*:*:*:*:*:*
cpe:2.3:a:ecava:integraxor:4.1:*:*:*:*:*:*:*

History

22 Aug 2025, 23:15

Type Values Removed Values Added
References
  • () https://www.cisa.gov/news-events/ics-advisories/icsa-14-008-01 -
CWE CWE-529
CVSS v2 : 5.0
v3 : unknown
v2 : 7.5
v3 : unknown

21 Nov 2024, 02:02

Type Values Removed Values Added
References () http://ics-cert.us-cert.gov/advisories/ICSA-14-008-01 - Patch, US Government Resource () http://ics-cert.us-cert.gov/advisories/ICSA-14-008-01 - Patch, US Government Resource
References () http://www.integraxor.com/blog/category/security/vulnerability-note/ - Patch, Vendor Advisory () http://www.integraxor.com/blog/category/security/vulnerability-note/ - Patch, Vendor Advisory

Information

Published : 2014-01-09 18:07

Updated : 2025-08-22 23:15


NVD link : CVE-2014-0752

Mitre link : CVE-2014-0752

CVE.ORG link : CVE-2014-0752


JSON object : View

Products Affected

ecava

  • integraxor
CWE
CWE-529

Exposure of Access Control List Files to an Unauthorized Control Sphere

CWE-264

Permissions, Privileges, and Access Controls