Details of VAR-202103-1800

ID

VAR-202103-1800

TITLE

Delta Electronics Enterprise Management (Shanghai) Co., Ltd. has an arbitrary file reading vulnerability in DIAView (CNVD-2021-08514)

Trust: 0.6

sources: CNVD: CNVD-2021-08514

DESCRIPTION

DIAView is an automated management system with real-time system monitoring, data acquisition and analysis functions. The DIAView configuration software of Delta Electronics Enterprise Management (Shanghai) Co., Ltd. has an arbitrary file reading vulnerability. Attackers can use this vulnerability to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2021-08514

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-08514

AFFECTED PRODUCTS

vendor:

delta management

model:

diaview

scope:

version:

v3.5.0

Trust: 0.6

sources: CNVD: CNVD-2021-08514

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-08514
value:	LOW
Trust: 0.6

CNVD:	CNVD-2021-08514
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-08514

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-08514

Trust: 0.6

sources: CNVD: CNVD-2021-08514

SOURCES

db:

CNVD

id:

CNVD-2021-08514

LAST UPDATE DATE

2022-05-04T08:33:03.807000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-08514

date:

2021-02-22T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-08514

date:

2021-03-04T00:00:00