Plaintext storage of a password exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. Because account information of the database is saved in a local file in plaintext, a user who can access the PC where the affected product is installed can obtain the information. As a result, information in the database may be obtained and/or altered by the user.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jpcert
Published: 2023-06-01T00:00:00
Updated: 2023-06-01T00:00:00
Reserved: 2023-05-11T00:00:00
Link: CVE-2023-28713
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-06-01T02:15:09.637
Modified: 2023-06-08T13:48:05.117
Link: CVE-2023-28713
JSON object: View
Redhat Information
No data.
CWE