Описание
An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application version 3.01 and prior. Passwords are stored in clear text in the configuration which can result in exposure of sensitive information.
Ссылки
- Third Party AdvisoryVDB EntryVendor Advisory
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
- Third Party AdvisoryVDB EntryVendor Advisory
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.01 (включая)Версия до 3.01 (включая)
Одно из
cpe:2.3:a:schneider-electric:igss_mobile:*:*:*:*:*:android:*:*
cpe:2.3:a:schneider-electric:igss_mobile:*:*:*:*:*:iphone_os:*:*
EPSS
Процентиль: 23%
0.00078
Низкий
6.7 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-522
Связанные уязвимости
CVSS3: 6.7
github
больше 3 лет назад
An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application version 3.01 and prior. Passwords are stored in clear text in the configuration which can result in exposure of sensitive information.
EPSS
Процентиль: 23%
0.00078
Низкий
6.7 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-522