CVE-2014-2717

Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to bypass authentication and obtain administrative access by visiting the change-password page.
References
Link Resource
http://ics-cert.us-cert.gov/advisories/ICSA-14-175-01 Third Party Advisory US Government Resource
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:h:honeywell:falcon_xlweb_linux_controller:*:*:*:*:*:*:*:*
cpe:2.3:h:honeywell:falcon_xlweb_xlwebexe:*:*:*:*:*:*:*:*

Information

Published : 2014-07-24 07:55

Updated : 2014-07-25 06:52


NVD link : CVE-2014-2717

Mitre link : CVE-2014-2717


JSON object : View

Advertisement

dedicated server usa

Products Affected

honeywell

  • falcon_xlweb_linux_controller
  • falcon_xlweb_xlwebexe