Vulnerability Description
An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior versions, Proficy HMI/SCADA CIMPLICITY Version 9.0 and prior versions, and Proficy Historian Version 6.0 and prior versions. An attacker may be able to retrieve user passwords if he or she has access to an authenticated session.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ge | Cimplicity | <= 9.0 |
| Ge | Historian | <= 6.0 |
| Ge | Ifix | <= 5.8 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/95630Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1037809Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-16-336-05AMitigationThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/95630Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1037809Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-16-336-05AMitigationThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2016-9360?
CVE-2016-9360 is a vulnerability with a CVSS score of 6.7 (MEDIUM). An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior versions, Proficy HMI/SCADA CIMPLICITY Version 9.0 and prior versions, and Proficy Historian Versio...
How severe is CVE-2016-9360?
CVE-2016-9360 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-9360?
Check the references section above for vendor advisories and patch information. Affected products include: Ge Cimplicity, Ge Historian, Ge Ifix.