What is CVE-2017-6031?

CVE-2017-6031 is a high-severity vulnerability in Certec_edv_gmbh Atvise_scada, classified under Improper Neutralization of HTTP Headers for Scripting Syntax. CVSS score: 8.8/10. Published 2017-05-06.

How severe is CVE-2017-6031?

High severity. CVSS v3 base score is 8.8 out of 10.

Vulnerability in Certec_edv_gmbh Atvise_scada

CVE-2017-6031

A Header Injection issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. An "improper neutralization of HTTP headers for scripting syntax" issue has been identified, which may allow remote code execution.

EPSS: 0.012 (78.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Certec_edv_gmbh Atvise_scada
N/a Certec Edv Gmbh Atvise Scada — versions Certec EDV GmbH atvise scada

Weakness classification (CWE)

References

ics-cert@hq.dhs.gov (US Government Resource, Third Party Advisory, x_refsource_MISC)
ics-cert@hq.dhs.gov (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2017-6031?: CVE-2017-6031 is a high-severity vulnerability in Certec_edv_gmbh Atvise_scada, classified under Improper Neutralization of HTTP Headers for Scripting Syntax. CVSS score: 8.8/10. Published 2017-05-06.
How severe is CVE-2017-6031?: High severity. CVSS v3 base score is 8.8 out of 10.