CVE-2014-2381 - OpenCVE

Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Invensys	Wonderware Information Server

Configuration 1 [-]

OR	cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1::::::
	cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:::portal:::*
	cpe:2.3:a:invensys:wonderware_information_server:4.5:-:portal:::::*
	cpe:2.3:a:invensys:wonderware_information_server:5.0:-:portal:::::*
	cpe:2.3:a:invensys:wonderware_information_server:5.5::::portal:::

No data.

References

Link	Providers
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2014/icsa-14-238-02.json
https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02
https://www.cisa.gov/news-events/ics-advisories/icsa-14-238-02

History

Fri, 31 Oct 2025 23:30:00 +0000

Type	Values Removed	Values Added
Title		Schneider Electric Wonderware Inadequate Encryption Strength
Weaknesses		CWE-326
References		https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2014/icsa-14-238-02.json https://www.cisa.gov/news-events/ics-advisories/icsa-14-238-02

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2014-08-28T01:00:00

Updated: 2025-10-31T23:19:54.894Z

Reserved: 2014-03-13T00:00:00

Link: CVE-2014-2381

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2014-08-28T01:55:03.200

Modified: 2025-11-01T00:15:32.600

Link: CVE-2014-2381

Redhat

No data.

{"containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Wonderware Information Server Portal", "vendor": "Schneider Electric", "versions": [{"status": "affected", "version": "4.0 SP1"}, {"status": "affected", "version": "4.5"}, {"status": "affected", "version": "5.0"}, {"status": "affected", "version": "5.5"}]}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:schneider_electric:wonderware_information_server_portal:4.0_sp1:*:*:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider_electric:wonderware_information_server_portal:4.5:*:*:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider_electric:wonderware_information_server_portal:5.0:*:*:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider_electric:wonderware_information_server_portal:5.5:*:*:*:*:*:*:*", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "OR"}], "credits": [{"lang": "en", "type": "finder", "value": "Timur Yunusov, Ilya Karpov, Sergey Gordeychik, Alexey Osipov, and Dmitry Serebryannikov of the Positive Technologies Research Team"}], "datePublic": "2014-08-26T06:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file."}], "value": "Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file."}], "metrics": [{"cvssV2_0": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-326", "description": "CWE-326", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2025-10-31T23:19:54.894Z"}, "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-238-02"}, {"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2014/icsa-14-238-02.json"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Schneider Electric has created an update for WIS web pages and \ncomponents to address the vulnerabilities listed in this advisory. \nCustomers using all versions of WIS are affected and should upgrade to \nWIS Version 5.5 and then apply the security update.</p>\n<p>Customers using the affected versions of WIS should set the security \nlevel settings in the Internet browser to \u201cMedium \u2013 High\u201d to minimize \nthe risks presented by these vulnerabilities. In addition, the \nWonderware Information Server Portal can be configured to use HTTPS that\n will require additional steps as documented in the products user \ndocumentation.</p>\n<p>Schneider Electric has released a security bulletin titled \u201cMultiple \nVulnerabilities in Wonderware Information Server LFSEC00000102\u201d to \nannounce the security update, which is available at the following \nlocation:</p>\n<p><a target=\"_blank\" rel=\"nofollow\" href=\"https://gcsresource.invensys.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000102.pdf\">https://gcsresource.invensys.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000102.pdf</a></p>\n\n<br>"}], "value": "Schneider Electric has created an update for WIS web pages and \ncomponents to address the vulnerabilities listed in this advisory. \nCustomers using all versions of WIS are affected and should upgrade to \nWIS Version 5.5 and then apply the security update.\n\n\nCustomers using the affected versions of WIS should set the security \nlevel settings in the Internet browser to \u201cMedium \u2013 High\u201d to minimize \nthe risks presented by these vulnerabilities. In addition, the \nWonderware Information Server Portal can be configured to use HTTPS that\n will require additional steps as documented in the products user \ndocumentation.\n\n\nSchneider Electric has released a security bulletin titled \u201cMultiple \nVulnerabilities in Wonderware Information Server LFSEC00000102\u201d to \nannounce the security update, which is available at the following \nlocation:\n\n\n https://gcsresource.invensys.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000102.pdf"}], "source": {"advisory": "ICSA-14-238-02", "discovery": "EXTERNAL"}, "title": "Schneider Electric Wonderware Inadequate Encryption Strength", "x_generator": {"engine": "Vulnogram 0.4.0"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2014-2380", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T10:14:25.871Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2014-2381", "datePublished": "2014-08-28T01:00:00", "dateReserved": "2014-03-13T00:00:00", "dateUpdated": "2025-10-31T23:19:54.894Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "325DE4D6-7649-4566-BC6E-1F8DC16FF1A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:portal:*:*:*", "matchCriteriaId": "C8A82967-0AEC-4C46-91D0-92CA332C9C86", "vulnerable": true}, {"criteria": "cpe:2.3:a:invensys:wonderware_information_server:4.5:-:portal:*:*:*:*:*", "matchCriteriaId": "D7292C59-D289-4874-8385-B1B2C246F935", "vulnerable": true}, {"criteria": "cpe:2.3:a:invensys:wonderware_information_server:5.0:-:portal:*:*:*:*:*", "matchCriteriaId": "8EA37129-F327-4EE6-B1FB-BFB0C3C68856", "vulnerable": true}, {"criteria": "cpe:2.3:a:invensys:wonderware_information_server:5.5:*:*:*:portal:*:*:*", "matchCriteriaId": "FFBE9EBE-6678-4AFC-9052-8EC6B319EB7B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file."}, {"lang": "es", "value": "Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 hasta 5.5 utiliza codificaciones d\u00e9biles, lo que permite a usuarios locales obtener informaci\u00f3n sensible mediante la lectura de un fichero de credenciales."}], "evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/326.html\" target=\"_blank\">CWE-326: Inadequate Encryption Strength</a>", "id": "CVE-2014-2381", "lastModified": "2025-11-01T00:15:32.600", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Secondary", "userInteractionRequired": false}, {"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-08-28T01:55:03.200", "references": [{"source": "[email protected]", "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2014/icsa-14-238-02.json"}, {"source": "[email protected]", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-238-02"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-326"}], "source": "[email protected]", "type": "Primary"}, {"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "[email protected]", "type": "Secondary"}]}