Econolite CVE - OpenCVE

Filtered by vendor Econolite Subscriptions

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-0452	1 Econolite	1 Eos	2023-06-20	5.3 Medium
Econolite EOS versions prior to 3.2.23 use a weak hash algorithm for encrypting privileged user credentials. A configuration file that is accessible without authentication uses MD5 hashes for encrypting credentials, including those of administrators and technicians.
CVE-2023-0451	1 Econolite	1 Eos	2023-06-20	7.5 High
Econolite EOS versions prior to 3.2.23 lack a password requirement for gaining “READONLY” access to log files and certain database and configuration files. One such file contains tables with MD5 hashes and usernames for all defined users in the control software, including administrators and technicians.

Page 1 of 1.