CVE-2014-2375

Name of the Vulnerable Software and Affected Versions Ecava IntegraXor SCADA Server versions 4.1.4360 and earlier Ecava IntegraXor SCADA Server Beta versions 4.1.4392 and earlier

Description The issue allows remote attackers to read or write to arbitrary files, and obtain sensitive information or cause a denial of service (disk consumption), via the CSV export feature.

Recommendations For Ecava IntegraXor SCADA Server versions 4.1.4360 and earlier, update to a version later than 4.1.4360 to resolve the issue. For Ecava IntegraXor SCADA Server Beta versions 4.1.4392 and earlier, update to a version later than 4.1.4392 to resolve the issue. As a temporary workaround, consider disabling the CSV export feature until a patch is available.