PT-2018-14253 · Yokogawa · Yokogawa Stardom Controllers

Published

2018-10-12

Updated

2019-10-09

CVE-2018-17900

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Yokogawa STARDOM Controllers versions prior to R4.10

Description The web application in Yokogawa STARDOM Controllers improperly protects credentials, which could allow an attacker to obtain credentials for remote access to the controllers.

Recommendations For versions prior to R4.10, update to a version later than R4.10 to resolve the issue.

Fix

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-522

Related Identifiers

CVE-2018-17900

Affected Products

Yokogawa Stardom Controllers

PT-2018-14253 · Yokogawa · Yokogawa Stardom Controllers

CVE-2018-17900

Weakness Enumeration

Related Identifiers

Affected Products

References · 4