{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T15:13:26.358","vulnerabilities":[{"cve":{"id":"CVE-2014-5411","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2014-09-18T10:55:11.640","lastModified":"2025-11-04T23:15:33.223","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."},{"lang":"es","value":"MĂșltiples vulnerabilidades de XSS en Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 hasta 2014 R1 permiten a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a travĂ©s de vectores no especificados."}],"metrics":{"cvssMetricV2":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:S/C:N/I:N/A:C","baseScore":4.9,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:aveva:clearscada:2010:r3:*:*:*:*:*:*","matchCriteriaId":"AAD213FA-E444-4DDB-B593-CC79C45D92F2"},{"vulnerable":true,"criteria":"cpe:2.3:a:aveva:clearscada:2010:r3.1:*:*:*:*:*:*","matchCriteriaId":"E4FBC203-019A-4DE0-97ED-F0A4872B4E55"},{"vulnerable":true,"criteria":"cpe:2.3:a:aveva:clearscada:2013:r1:*:*:*:*:*:*","matchCriteriaId":"0733DE5C-D168-4A2B-996F-E2BE671FB4C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:aveva:clearscada:2013:r1.1:*:*:*:*:*:*","matchCriteriaId":"9A22FFBF-1EAF-478B-A8F4-5EDBDCAE8F41"},{"vulnerable":true,"criteria":"cpe:2.3:a:aveva:clearscada:2013:r1.1a:*:*:*:*:*:*","matchCriteriaId":"64BF21B8-F98E-46C5-A1AC-FE7DBD45D80F"},{"vulnerable":true,"criteria":"cpe:2.3:a:aveva:clearscada:2013:r1.2:*:*:*:*:*:*","matchCriteriaId":"A2115F6A-1689-4121-99FA-5821C78BA394"},{"vulnerable":true,"criteria":"cpe:2.3:a:aveva:clearscada:2013:r2:*:*:*:*:*:*","matchCriteriaId":"D2F240E9-4C6F-4257-9F20-456B736569CD"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:scada_expert_clearscada:2013:r2.1:*:*:*:*:*:*","matchCriteriaId":"D2B6A429-6195-4213-A851-AF95A9C187F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:scada_expert_clearscada:2014:r1:*:*:*:*:*:*","matchCriteriaId":"84521A6D-AB6D-4518-A642-9BA4400DC599"}]}]}],"references":[{"url":"https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2014/icsa-14-259-01a.json","source":"ics-cert@hq.dhs.gov"},{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-14-259-01a","source":"ics-cert@hq.dhs.gov"},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-14-259-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}