CVE-2017-6045

HIGH

Trihedral VTScada < 11.2.26 - Unauthenticated Exposure of Sensitive Configuration Information

Title source: llm
STIX 2.1

Description

An Information Exposure issue was discovered in Trihedral VTScada Versions prior to 11.2.26. Some files are exposed within the web server application to unauthenticated users. These files may contain sensitive configuration information.

References (2)

Core 2
Core References
Mitigation, Patch, Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-17-164-01
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/99066

Scores

CVSS v3 7.5
EPSS 0.0168
EPSS Percentile 74.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200 CWE-548
Status published
Products (2)
n/a/Trihedral VTScada Trihedral VTScada
trihedral/vtscada < 11.2.23
Published Jun 21, 2017
Tracked Since Feb 18, 2026