exploitDog

GHSA-h9m2-392c-p78g

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local users to obtain sensitive information by reading a file.

Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local users to obtain sensitive information by reading a file.

Ссылки

EPSS

Процентиль: 24%

0.00079

Низкий

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2015-1009

nvd

больше 10 лет назад

Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local users to obtain sensitive information by reading a file.

EPSS

Процентиль: 24%

0.00079

Низкий

CVE ID

Дефекты

CWE-200