Vulnerability Description
An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webserver does not properly authenticate users, which may allow a malicious attacker to access sensitive information such as HMI pages or modify PLC variables.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Spidercontrol | Ininet Webserver | <= 2.02.0000 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/100951Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-17-264-04Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/100951Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-17-264-04Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2017-13995?
CVE-2017-13995 is a vulnerability with a CVSS score of 10.0 (CRITICAL). An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webserver does not properly authenticate users, which may allow a malicious ...
How severe is CVE-2017-13995?
CVE-2017-13995 has been rated CRITICAL with a CVSS base score of 10.0/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-13995?
Check the references section above for vendor advisories and patch information. Affected products include: Spidercontrol Ininet Webserver.