Proficy Historian
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-1918 | 0.01 | — | 0.06 | Nov 2, 2011 | Stack-based buffer overflow in the Data Archiver service in GE Intelligent Platforms Proficy Historian before 3.5 SIM 17 and 4.x before 4.0 SIM 12 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted TCP message… | |||
| CVE-2022-38469 | 0.00 | — | 0.01 | Jan 17, 2023 | An unauthorized user with network access and the decryption key could decrypt sensitive data, such as usernames and passwords. | |||
| CVE-2022-46331 | 0.00 | — | 0.01 | Jan 17, 2023 | An unauthorized user could possibly delete any file on the system. | |||
| CVE-2022-43494 | 0.00 | — | 0.01 | Jan 17, 2023 | An unauthorized user could be able to read any file on the system, potentially exposing sensitive information. | |||
| CVE-2022-46660 | 0.00 | — | 0.01 | Jan 17, 2023 | An unauthorized user could alter or write files with full control over the path and content of the file. | |||
| CVE-2022-46732 | 0.00 | — | 0.01 | Jan 17, 2023 | Even if the authentication fails for local service authentication, the requested command could still execute regardless of authentication status. |
- CVE-2011-1918Nov 2, 2011risk 0.01cvss —epss 0.06
Stack-based buffer overflow in the Data Archiver service in GE Intelligent Platforms Proficy Historian before 3.5 SIM 17 and 4.x before 4.0 SIM 12 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted TCP message…
- CVE-2022-38469Jan 17, 2023risk 0.00cvss —epss 0.01
An unauthorized user with network access and the decryption key could decrypt sensitive data, such as usernames and passwords.
- CVE-2022-46331Jan 17, 2023risk 0.00cvss —epss 0.01
An unauthorized user could possibly delete any file on the system.
- CVE-2022-43494Jan 17, 2023risk 0.00cvss —epss 0.01
An unauthorized user could be able to read any file on the system, potentially exposing sensitive information.
- CVE-2022-46660Jan 17, 2023risk 0.00cvss —epss 0.01
An unauthorized user could alter or write files with full control over the path and content of the file.
- CVE-2022-46732Jan 17, 2023risk 0.00cvss —epss 0.01
Even if the authentication fails for local service authentication, the requested command could still execute regardless of authentication status.