Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 rely on a hardcoded cleartext password to control read access to Project files and Project Configuration files, which makes it easier for local users to obtain sensitive information by discovering this password.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2015-03-29T10:00:00
Updated: 2024-08-06T04:26:11.573Z
Reserved: 2015-01-10T00:00:00
Link: CVE-2015-0996
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2015-03-29T10:59:05.383
Modified: 2021-05-14T15:24:42.063
Link: CVE-2015-0996
Redhat
No data.