CVE-2015-6471

Eaton Cooper Power Systems ProView 4.x and 5.x before 5.1 on Form 6 controls and Idea and IdeaPLUS relays does not properly initialize padding fields in Ethernet packets, which allows remote attackers to obtain sensitive information by reading packet data.
References
Link Resource
https://ics-cert.us-cert.gov/advisories/ICSA-15-295-01 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:eaton:proview:4.0:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.7:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.8:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.10:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-12-23 03:59

Updated : 2024-02-04 18:53


NVD link : CVE-2015-6471

Mitre link : CVE-2015-6471

CVE.ORG link : CVE-2015-6471


JSON object : View

Products Affected

eaton

  • proview
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor