HTTP: Schneider Electric SCADA Expert ClearSCADA Denial of Service
This signature detects attempts to exploit a known vulnerability against Schneider Electric SCADA Expert ClearSCADA. A successful attack can result in a denial-of-service condition.
Extended Description
Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Affected Products
Aveva clearscada
References
CVE: CVE-2014-5411
Short Name
HTTP:DOS:SCHNEIDER-EXPRT-SCADA
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2014-5411 ClearSCADA Denial Electric Expert SCADA Schneider Service of
Release Date
10/20/2014
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Schneider-electric
Aveva
CVSS Score
3.5