CVE-2016-5849

Name of the Vulnerable Software and Affected Versions Siemens SICAM PAS versions prior to 8.07

Description The issue is related to insufficient password protection in databases, which could allow a local attacker with certain database privileges to calculate passwords. Additionally, it may enable local users to obtain sensitive configuration information by leveraging database stoppage.

Recommendations For Siemens SICAM PAS versions prior to 8.07, consider restricting access to the database to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit privileges for local users to prevent them from obtaining sensitive configuration information.