CVE-2016-5787

General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors.

Published: Jul 15, 2016
Updated: Apr 13, 2023
CVE: CVE-2016-5787
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.3
AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-668

Affected Software
References

Software	From	Fixed in
ge / cimplicity	8.2-sim2	8.2-sim2.x
ge / cimplicity	8.2-sim3	8.2-sim3.x
ge / cimplicity	8.2-sim4	8.2-sim4.x
ge / cimplicity	8.2-sim5	8.2-sim5.x
ge / cimplicity	8.2-sim6	8.2-sim6.x
ge / cimplicity	8.2-sim7	8.2-sim7.x
ge / cimplicity	8.2-sim8	8.2-sim8.x
ge / cimplicity	8.2-sim9	8.2-sim9.x
ge / cimplicity	8.2-sim10	8.2-sim10.x
ge / cimplicity	8.2-sim11	8.2-sim11.x
ge / cimplicity	8.2-sim12	8.2-sim12.x
ge / cimplicity	8.2-sim13	8.2-sim13.x
ge / cimplicity	8.2-sim14	8.2-sim14.x
ge / cimplicity	8.2-sim15	8.2-sim15.x
ge / cimplicity	8.2-sim16	8.2-sim16.x
ge / cimplicity	8.2-sim17	8.2-sim17.x
ge / cimplicity	8.2-sim18	8.2-sim18.x
ge / cimplicity	8.2-sim19	8.2-sim19.x
ge / cimplicity	8.2-sim20	8.2-sim20.x
ge / cimplicity	8.2-sim21	8.2-sim21.x
ge / cimplicity	8.2-sim22	8.2-sim22.x
ge / cimplicity	8.2-sim23	8.2-sim23.x
ge / cimplicity	8.2-sim24	8.2-sim24.x
ge / cimplicity	8.2-sim25	8.2-sim25.x
ge / cimplicity	8.2-sim26	8.2-sim26.x
ge / cimplicity	8.2-sim1	8.2-sim1.x
ge / cimplicity	-	8.2

Vulnerability Database

289,784

CVE-2016-5787