Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Indusoft web studio'
2015-03-29
CVE-2015-0999
CWE-200
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file.
CVE-2015-0998
CWE-200
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 transmit cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2015-0997
CWE-200
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 provide an HMI user interface that lists all valid usernames, which makes it easier for remote attackers to obtain access via a brute-force password-guessing attack.
CVE-2015-0996
CWE-200
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 rely on a hardcoded cleartext password to control read access to Project files and Project Configuration files, which makes it easier for local users to obtain sensitive information by discovering this password.
>>>
Vendor:
Schneider electric
24
Products
Proclima
Pelco ds-nv
Indusoft web studio
Wonderware intouch 2014
Struxureware building expert mpm
Struxureware building operations automation server as-p firmware
Struxureware building operations automation server as firmware
Telvent rtu firmware
Homelynk controller lss100100 firmware
Magelis stu small panel firmware
Magelis xbt gh advanced hand-held panel firmware
Magelis xbt gtw advanced open touchscreen panel firmware
Magelis sto5 small panel firmware
Magelis gto advanced optimum panel firmware
Magelis gtu universal panel firmware
Magelis xbt gk advanced touchscreen panel with keyboard firmware
Magelis xbt gt advanced touchscreen panel firmware
Wonderware intelligence
Tableau desktop
Tableau server
Wonderware intouch access anywhere 2014
Wonderware archestra logger
Modbus driver suite
Modbus serial driver
Copyright
2024
, cxsecurity.com
Back to Top
Vulnerabilities for 'Indusoft web studio' 