Описание
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Modicon M221 (all references, all versions) that could allow non sensitive information disclosure when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller.
Ссылки
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
Уязвимые конфигурации
Одновременно
EPSS
4.3 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
Связанные уязвимости
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Modicon M221 (all references, all versions) that could allow non sensitive information disclosure when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller.
Уязвимость микропрограммного обеспечения программируемого логического контроллера Schneider Electric Modicon M221, M100, M200, связанная с раскрытием информации, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
4.3 Medium
CVSS3
3.3 Low
CVSS2