ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file.
References
Link | Resource |
---|---|
https://ics-cert.us-cert.gov/advisories/ICSA-16-152-02 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2016-06-10T01:00:00
Updated: 2016-06-10T01:57:01
Reserved: 2016-05-05T00:00:00
Link: CVE-2016-4511
JSON object: View
NVD Information
Status : Analyzed
Published: 2016-06-10T01:59:11.083
Modified: 2016-06-17T13:00:40.673
Link: CVE-2016-4511
JSON object: View
Redhat Information
No data.
CWE