PT-2022-8318 · Emerson · Emerson Openenterprise

Roman Lozko

Published

2022-02-24

Updated

2022-03-07

CVE-2020-10636

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Emerson OpenEnterprise versions through 3.3.4

Description Inadequate encryption may allow the passwords for user accounts to be obtained.

Recommendations For Emerson OpenEnterprise versions through 3.3.4, update to a version that addresses the inadequate encryption issue to prevent passwords from being obtained.

Fix

Inadequate Encryption Strength

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-326

Related Identifiers

CVE-2020-10636

Affected Products

Emerson Openenterprise

PT-2022-8318 · Emerson · Emerson Openenterprise

CVE-2020-10636

Weakness Enumeration

Related Identifiers

Affected Products

References · 6