Описание
An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. The software will connect via Transport Layer Security without verifying the peer's SSL certificate properly.
Ссылки
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 11.5.2 (включая)
cpe:2.3:a:aveva:wonderware_intouch_access_anywhere:*:*:*:*:*:*:*:*
EPSS
Процентиль: 30%
0.00107
Низкий
5.3 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-326
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. The software will connect via Transport Layer Security without verifying the peer's SSL certificate properly.
EPSS
Процентиль: 30%
0.00107
Низкий
5.3 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-326