PT-2023-16208 · Socomec · Socomec Modulys Gp Netvision
Aarón Flecha Menéndez
+1
·
Publicado
2023-01-24
·
Atualizado
2023-02-06
·
CVE-2023-0356
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
SOCOMEC MODULYS GP Netvision versions 7.20 and prior
Description
The issue is related to weak encryption for credentials on HTTP connections, which could allow threat actors to obtain sensitive information.
Recommendations
For SOCOMEC MODULYS GP Netvision versions 7.20 and prior, consider disabling HTTP connections or restricting access to sensitive information until a fix is available. As a temporary workaround, avoid using HTTP connections for transmitting credentials.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Socomec Modulys Gp Netvision