CVE-2014-0786
Ecava IntegraXor < 4.1.4393 - Unauthenticated Cleartext Credential Exposure via SELECT Statements
Title source: llmDescription
Ecava IntegraXor before 4.1.4393 allows remote attackers to read cleartext credentials for administrative accounts via SELECT statements that leverage the guest role.
References (4)
Core 4
Core References
Patch, US Government Resource
http://ics-cert.us-cert.gov/advisories/ICSA-14-091-01
Vendor Advisory x_refsource_confirm
http://www.integraxor.com/blog/category/security/vulnerability-note/
Third Party Advisory, US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-14-091-01
Third Party Advisory, US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-14-224-01
Scores
EPSS
0.0265
EPSS Percentile
83.8%
Details
CWE
CWE-200
CWE-310
Status
published
Products (7)
ecava/integraxor
4.1
ecava/integraxor
4.1.4340
ecava/integraxor
4.1.4360
ecava/integraxor
4.1.4369
ecava/integraxor
4.1.4380
ecava/integraxor
< 4.1.4390
Ecava/IntegraXor
< 4.1.4410
Published
May 01, 2014
Tracked Since
Feb 18, 2026