Vulnerabilities > Emerson > Deltav > 11.3

DATE CVE VULNERABILITY TITLE RISK

2014-05-22 CVE-2014-2350 Credentials Management vulnerability in Emerson DeltaV
Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program.
Risk: network, low complexity, emerson, CWE-255, 7.5

2014-05-22 CVE-2014-2349 Permissions, Privileges, and Access Controls vulnerability in Emerson DeltaV
Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 allows local users to modify or read configuration files by leveraging engineering-level privileges.
Risk: local, low complexity, emerson, CWE-264, 4.6

2012-10-01 CVE-2012-3035 Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Emerson DeltaV
Buffer overflow in Emerson DeltaV 9.3.1 and 10.3 through 11.3.1 allows remote attackers to cause a denial of service (daemon crash) via a long string to an unspecified port.
Risk: network, low complexity, emerson, CWE-119, 5.0

2012-06-08 CVE-2012-1818 Permissions, Privileges, and Access Controls vulnerability in Emerson products
An unspecified ActiveX control in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to overwrite arbitrary files via unknown vectors.
Risk: network, low complexity, emerson, CWE-264, 6.4

2012-06-08 CVE-2012-1817 Improper Input Validation vulnerability in Emerson products
Buffer overflow in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via an invalid field in a project file.
Risk: network, low complexity, emerson, CWE-20, 7.5

2012-06-08 CVE-2012-1816 Buffer Errors vulnerability in Emerson products
PORTSERV.exe in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to cause a denial of service (daemon crash) via a crafted (1) TCP or (2) UDP packet to port 111.
Risk: network, low complexity, emerson, CWE-119, 5.0

2012-06-08 CVE-2012-1815 SQL Injection vulnerability in Emerson products
SQL injection vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Risk: network, low complexity, emerson, CWE-89, 7.5

2012-06-08 CVE-2012-1814 Cross-Site Scripting vulnerability in Emerson products
Cross-site scripting (XSS) vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Risk: network, emerson, CWE-79, 4.3