Schneider-electric

Wonderware Intouch 2014

4 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.1

CVE-2015-0999

  • EPSS 0.06%
  • Published 29.03.2015 10:59:08
  • Last modified 12.04.2025 10:46:40

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by re...

3.3

CVE-2015-0998

  • EPSS 0.23%
  • Published 29.03.2015 10:59:07
  • Last modified 12.04.2025 10:46:40

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 transmit cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network.

5

CVE-2015-0997

  • EPSS 0.6%
  • Published 29.03.2015 10:59:06
  • Last modified 12.04.2025 10:46:40

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 provide an HMI user interface that lists all valid usernames, which makes it easier for remote attackers to obtain access vi...

2.1

CVE-2015-0996

  • EPSS 0.06%
  • Published 29.03.2015 10:59:05
  • Last modified 12.04.2025 10:46:40

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 rely on a hardcoded cleartext password to control read access to Project files and Project Configuration files, which makes ...