PT-2014-4666 · Schneider Electric · Wonderware Information Server (Wis) Portal

Sergey Gordeychik

·

Publicado

2014-08-28

·

Atualizado

2025-11-01

·

CVE-2014-2380

CVSS v2.0

7.8

Alta

VetorAV:N/AC:L/Au:N/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions Schneider Electric Wonderware Information Server (WIS) Portal versions 4.0 SP1 through 5.5
Description The issue allows remote attackers to obtain sensitive information by reading a credential file due to the use of weak encryption.
Recommendations For versions 4.0 SP1 through 5.5, update to a version that uses strong encryption to protect sensitive information.

Correção

Inadequate Encryption Strength

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-326

Identificadores relacionados

CVE-2014-2380

Produtos afetados

Wonderware Information Server (Wis) Portal