An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application version 3.01 and prior. Passwords are stored in clear text in the configuration which can result in exposure of sensitive information.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/103046 | Third Party Advisory VDB Entry Vendor Advisory |
https://ics-cert.us-cert.gov/advisories/ICSA-18-046-03 | Third Party Advisory US Government Resource |
https://www.schneider-electric.com/en/download/document/SEVD-2018-039-02/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: schneider
Published: 2018-02-12T00:00:00
Updated: 2018-02-17T10:57:01
Reserved: 2017-06-26T00:00:00
Link: CVE-2017-9969
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-02-12T23:29:00.403
Modified: 2019-10-03T00:03:26.223
Link: CVE-2017-9969
JSON object: View
Redhat Information
No data.
CWE