Directory Traversal Vulnerability in ICONICS WebHMI by ICONICS
CVE-2016-2289

7.5HIGH

Key Information:

Vendor: Iconics
Status: Webhmi
Vendor: CVE Published:; 1 April 2016

What is CVE-2016-2289?

A directory traversal vulnerability exists in ICONICS WebHMI 9 and earlier versions, enabling remote attackers to access sensitive configuration files. Exploiting this flaw could allow unauthorized users to retrieve password hashes and other critical information, raising significant security concerns for affected systems.

References

https://ics-cert.us-cert.gov/advisories/ICSA-16-091-01

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 1, 2016
Vulnerability Reserved
Feb 9, 2016

Iconics

What is CVE-2016-2289?

References

CVSS V3.1

Timeline