Описание
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause unauthorized access to sensitive credential data when an attacker is able to capture local SMB traffic between a valid user within the BMS network and the vulnerable products.
EPSS
2.3 Low
CVSS3
Дефекты
Связанные уязвимости
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause unauthorized access to sensitive credential data when an attacker is able to capture local SMB traffic between a valid user within the BMS network and the vulnerable products.
Уязвимость серверов EcoStruxure Building Operation Enterprise Central, EcoStruxure Building Operation Enterprise Server и интерфейса рабочей станции EcoStruxure Workstation, связанная с недостаточной защитой служебных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
2.3 Low
CVSS3