PT-2023-12985 · Prosyst · Prosys Opc Ua Simulation Server
Dr. Sriharsha Etigowni
+2
·
Published
2023-01-03
·
Updated
2023-01-10
·
CVE-2022-2967
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Prosys OPC UA Simulation Server versions prior to 5.3.0-64
UA Modbus Server versions 1.4.18-5 and prior
Description
The issue concerns insufficient protection of credentials, potentially allowing an attacker to obtain user credentials and gain access to system data.
Recommendations
For Prosys OPC UA Simulation Server versions prior to 5.3.0-64, update to version 5.3.0-64 or later.
For UA Modbus Server versions 1.4.18-5 and prior, update to a version later than 1.4.18-5.
Fix
Insufficiently Protected Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Prosys Opc Ua Simulation Server