exploitDog

CVE-2020-14516

Опубликовано: 18 мар. 2021

Источник: nvd

CVSS3: 10

CVSS2: 7.5

EPSS Низкий

Описание

In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm with FactoryTalk Services Platform that prevents the user password from being hashed properly.

Ссылки

https://us-cert.cisa.gov/ics/advisories/icsa-21-054-01
Third Party Advisory
US Government Resource
https://us-cert.cisa.gov/ics/advisories/icsa-21-054-01
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:rockwellautomation:factorytalk_services_platform:6.10.00:*:*:*:*:*:*:*

cpe:2.3:a:rockwellautomation:factorytalk_services_platform:6.11.00:*:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.00242

Низкий

10 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-916

Связанные уязвимости

GHSA-96wm-8v29-wg5g

github

больше 3 лет назад

In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm with FactoryTalk Services Platform that prevents the user password from being hashed properly.

EPSS

Процентиль: 47%

0.00242

Низкий

10 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-916