CVE-2012-0228 Information

Description

Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls which allows remote attackers to bypass intended access restrictions via unspecified vectors.

Reference

http://osvdb.org/80890 http://secunia.com/advisories/48603 http://www.securityfocus.com/bid/52851 http://www.securitytracker.com/id?1026886 http://www.securitytracker.com/id?1026887 http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf