VYPR

Intelligent Platforms Proficy Real Time Information Portal

by Ge

CVEs (8)

  • CVE-2008-0174CriJan 29, 2008
    risk 0.64cvss 9.8epss 0.02

    GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the passwords and gain privileges.

  • CVE-2008-0175Jan 29, 2008
    risk 0.04cvss epss 0.15

    Unrestricted file upload vulnerability in GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension to the main virtual directory.

  • CVE-2013-0652Jan 27, 2013
    risk 0.00cvss epss 0.02

    GE Intelligent Platforms Proficy Real-Time Information Portal does not restrict access to methods of an unspecified Java class, which allows remote attackers to obtain a username listing via an RMI call.

  • CVE-2013-0651Jan 27, 2013
    risk 0.00cvss epss 0.01

    The Portal installation process in GE Intelligent Platforms Proficy Real-Time Information Portal stores sensitive information under the web root with insufficient access control, which allows remote attackers to read configuration files, and discover data-source credentials, via…

  • CVE-2012-3026Nov 1, 2012
    risk 0.00cvss epss 0.05

    rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6 through 3.5 SP1 allows remote attackers to cause a denial of service (memory corruption and service crash) or possibly execute arbitrary code via long input data, a…

  • CVE-2012-3021Nov 1, 2012
    risk 0.00cvss epss 0.05

    rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6 through 3.5 SP1 allows remote attackers to cause a denial of service (memory corruption and service crash) or possibly execute arbitrary code via long input data, a…

  • CVE-2012-3010Nov 1, 2012
    risk 0.00cvss epss 0.05

    rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6 through 3.5 SP1 allows remote attackers to cause a denial of service (memory corruption and service crash) or possibly execute arbitrary code via long input data, a…

  • CVE-2012-0232Mar 15, 2012
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6, 3.0, 3.0 SP1, and 3.5 allows remote attackers to modify the configuration via crafted strings.