CVE-2014-9199

10.0

CVSS 2.0

Description

The Clorius Controls Java web client before 01.00.0009g allows remote attackers to discover credentials by sniffing the network for cleartext-equivalent traffic.

Metadata

CVE ID: CVE-2014-9199
State: PUBLISHED
Assigner: icscert
Reserved: 2014-12-02 00:00 UTC
Published: 2015-01-17 02:00 UTC
Last updated: 2025-09-05 21:23 UTC
Primary CWE: CWE-326
CWE-326
Vendor / Product: Clorius Controls / A/S Java web client
Sources: cve.org · NVD

Severity & Metrics

10.0 N/D CVSS 2.0

AV:N/AC:L/Au:N/C:C/I:C/A:C

Affected products (1)

Vendor	Product	Platform	Versions
Clorius Controls	A/S Java web client	—	0 ≤ 01.00.0009b

Weakness (CWE)

CWE	Source	Description
CWE-326	cna	CWE-326

CVSS scores (1)

Score	Severity	Version	Source	Vector
10.0	N/D	2.0	cna	AV:N/AC:L/Au:N/C:C/I:C/A:C

References (2)

https://www.cisa.gov/news-events/ics-advisories/icsa-15-013-02
http://www.cloriuscontrols.com

Back to overview