What is the severity of CVE-2014-5208?

The severity of CVE-2014-5208 is considered high due to the lack of authentication required for file operations.

How do I fix CVE-2014-5208?

To fix CVE-2014-5208, it's recommended to upgrade affected Yokogawa products to patched versions provided by the vendor.

What versions of Yokogawa software are affected by CVE-2014-5208?

CVE-2014-5208 affects Yokogawa CENTUM CS 3000 versions up to R3.09.50, CENTUM VP up to R4.03.00, and Exaopc up to R3.72.10.

What are the risks associated with CVE-2014-5208?

The risks associated with CVE-2014-5208 include unauthorized access to sensitive files, which could lead to data breaches or system compromise.

Can CVE-2014-5208 be exploited remotely?

Yes, CVE-2014-5208 can be exploited remotely by attackers due to the lack of authentication in the affected file operations.

Vulnerability/
CVE-2014-5208

high

7.5

CWE

284

22/12/2014

6/8/2024

CVE-2014-5208

First published: Mon Dec 22 2014(Updated: )

BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS 3000 through R3.09.50 and CENTUM VP through R4.03.00 and R5.x through R5.04.00, and Exaopc through R3.72.10, does not require authentication, which allows remote attackers to read arbitrary files via a RETR operation, write to arbitrary files via a STOR operation, or obtain sensitive database-location information via a PMODE operation, a different vulnerability than CVE-2014-0784.

Credit: cret@cert.org

Affected Software	Affected Version	How to fix
Yokogawa Exaopc	<=3.71.10
Yokogawa Exaopc
Yokogawa CENTUM CS 3000	=r3.01
Yokogawa CENTUM CS 3000	=r3.02
Yokogawa CENTUM CS 3000	=r3.03
Yokogawa CENTUM CS 3000	=r3.04
Yokogawa CENTUM CS 3000	=r3.05
Yokogawa CENTUM CS 3000	=r3.06
Yokogawa CENTUM CS 3000	=r3.07
Yokogawa CENTUM CS 3000	=r3.08
Yokogawa CENTUM CS 3000	=r3.08.50
Yokogawa CENTUM CS 3000	=r3.08.70
Yokogawa CENTUM CS 3000	=r3.09
Yokogawa CENTUM CS 3000	=r3.09.50
Yokogawa CENTUM CS 3000
Yokogawa Centum Vp	<=r4.03.00
Yokogawa Centum Vp	=r5.01.00
Yokogawa Centum Vp	=r5.01.20
Yokogawa Centum Vp	=r5.02.00
Yokogawa Centum Vp	=r5.03.00
Yokogawa Centum Vp

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-5208?
The severity of CVE-2014-5208 is considered high due to the lack of authentication required for file operations.
How do I fix CVE-2014-5208?
To fix CVE-2014-5208, it's recommended to upgrade affected Yokogawa products to patched versions provided by the vendor.
What versions of Yokogawa software are affected by CVE-2014-5208?
CVE-2014-5208 affects Yokogawa CENTUM CS 3000 versions up to R3.09.50, CENTUM VP up to R4.03.00, and Exaopc up to R3.72.10.
What are the risks associated with CVE-2014-5208?
The risks associated with CVE-2014-5208 include unauthorized access to sensitive files, which could lead to data breaches or system compromise.
Can CVE-2014-5208 be exploited remotely?
Yes, CVE-2014-5208 can be exploited remotely by attackers due to the lack of authentication in the affected file operations.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/severity
agent/last-modified-date
agent/weakness
agent/references
agent/tags
agent/first-publish-date
agent/event
agent/description
agent/source
vendor/yokogawa
canonical/yokogawa exaopc
version/yokogawa exaopc/3.71.10
canonical/yokogawa centum cs 3000
version/yokogawa centum cs 3000/r3.01
version/yokogawa centum cs 3000/r3.02
version/yokogawa centum cs 3000/r3.03
version/yokogawa centum cs 3000/r3.04
version/yokogawa centum cs 3000/r3.05
version/yokogawa centum cs 3000/r3.06
version/yokogawa centum cs 3000/r3.07
version/yokogawa centum cs 3000/r3.08
version/yokogawa centum cs 3000/r3.08.50
version/yokogawa centum cs 3000/r3.08.70
version/yokogawa centum cs 3000/r3.09
version/yokogawa centum cs 3000/r3.09.50
canonical/yokogawa centum vp
version/yokogawa centum vp/r4.03.00
version/yokogawa centum vp/r5.01.00
version/yokogawa centum vp/r5.01.20
version/yokogawa centum vp/r5.02.00
version/yokogawa centum vp/r5.03.00

Frequently Asked Questions

What is the severity of CVE-2014-5208?
The severity of CVE-2014-5208 is considered high due to the lack of authentication required for file operations.
How do I fix CVE-2014-5208?
To fix CVE-2014-5208, it's recommended to upgrade affected Yokogawa products to patched versions provided by the vendor.
What versions of Yokogawa software are affected by CVE-2014-5208?
CVE-2014-5208 affects Yokogawa CENTUM CS 3000 versions up to R3.09.50, CENTUM VP up to R4.03.00, and Exaopc up to R3.72.10.
What are the risks associated with CVE-2014-5208?
The risks associated with CVE-2014-5208 include unauthorized access to sensitive files, which could lead to data breaches or system compromise.
Can CVE-2014-5208 be exploited remotely?
Yes, CVE-2014-5208 can be exploited remotely by attackers due to the lack of authentication in the affected file operations.

CVE-2014-5208

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-5208?

How do I fix CVE-2014-5208?

What versions of Yokogawa software are affected by CVE-2014-5208?

What are the risks associated with CVE-2014-5208?

Can CVE-2014-5208 be exploited remotely?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2014-5208?

How do I fix CVE-2014-5208?

What versions of Yokogawa software are affected by CVE-2014-5208?

What are the risks associated with CVE-2014-5208?

Can CVE-2014-5208 be exploited remotely?