CVE-2017-9969

Sažetak

An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application version 3.01 and prior. Passwords are stored in clear text in the configuration which can result in exposure of sensitive information.

Reference

http://www.securityfocus.com/bid/103046
https://ics-cert.us-cert.gov/advisories/ICSA-18-046-03
https://www.schneider-electric.com/en/download/document/SEVD-2018-039-02/

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

03-10-2019 - 00:03

Objavljeno

12-02-2018 - 23:29