CVE-2017-5155

Name of the Vulnerable Software and Affected Versions Schneider Electric Wonderware Historian versions 2014 R2 SP1 P01 and earlier

Description An issue was discovered where Wonderware Historian creates logins with default passwords, allowing a malicious entity to compromise Historian databases. In some installation scenarios, resources beyond those created by Wonderware Historian may also be compromised.

Recommendations For versions 2014 R2 SP1 P01 and earlier, change the default passwords for all logins created by Wonderware Historian to prevent potential compromise of Historian databases and other resources.