{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T19:30:07.471","vulnerabilities":[{"cve":{"id":"CVE-2017-6016","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2017-05-19T03:29:00.403","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An Improper Access Control issue was discovered in LCDS - Leao Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA. The following versions are affected: Versions 4.1 and prior versions released before January 20, 2017. An Improper Access Control vulnerability has been identified, which may allow an authenticated user to modify application files to escalate privileges."},{"lang":"es","value":"Se detectó un problema de Control de Acceso Inapropiado en LAquis SCADA  de LCDS - Leao Consultoria e Desenvolvimento de Sistemas LTDA ME. Las siguientes versiones están afectadas: Versiones 4.1 y versiones anteriores publicadas antes del 20 de enero de 2017. Se identificó una vulnerabilidad de Control de Acceso Inapropiado, lo que puede permitir que un usuario autenticado modifique los archivos de la aplicación para escalar privilegios."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:P/I:P/A:P","baseScore":4.4,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:leao_consultoria_e_desenvolvimento_de_sistemas:ltda_me_laquis_scada:*:*:*:*:*:*:*:*","versionEndIncluding":"4.1","matchCriteriaId":"467326FE-BE40-4667-B78A-5C9A122DBB74"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/96942","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-17-075-01","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"http://www.securityfocus.com/bid/96942","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-17-075-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}