PT-2017-19218 · Sma Solar Technology · Sma Solar Technology Products
Willem Westerhof
·
Publicado
2017-08-05
·
Atualizado
2024-08-05
·
CVE-2017-9852
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
SMA Solar Technology products (affected versions not specified)
Description
An Incorrect Password Management issue was discovered in SMA Solar Technology products. Default passwords exist that are rarely changed. User passwords will almost always be default. Installer passwords are expected to be default or similar across installations installed by the same company. Hidden user accounts have a fixed password for all devices, which can never be changed by a user. Other vulnerabilities exist that allow an attacker to get the passwords of these hidden user accounts.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Using Hardcoded Credentials
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Sma Solar Technology Products