CVE-2015-0988
published 2015-10-06CVE-2015-0988: Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project source-code files, which makes it easier for local users to…
PriorityP46low2.1CVSS 2.0
AVLACLAuNCPINAN
EPSS
0.33%
25.2th percentile
Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project source-code files, which makes it easier for local users to obtain sensitive information by reading a file.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| omron | cx-programmer | <= 9.5 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Omron Multiple Product Vulnerabilities
cisa_ics·2019-01-31
Omron Multiple Product Vulnerabilities
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Omron Multiple Product Vulnerabilities
Last RevisedJanuary 31, 2019
Alert CodeICSA-15-274-01
## OVERVIEW
Air Force Institute of Technology researcher Stephen Dunlap has identified vulnerabilities in Omron Corporation’s CX-Programmer software, CJ2M series programmable logic controller (PLC), and CJ2H series PLC. Omron Corporation has produced new versions that mitigate these vulnerabilities.
One of the three vulnerabilities could be exploited remotely.
## AFFECTED PRODUCTS
The following Omron Corporation products are affected:
- CX-Programmer software, versions prior to Versi
GHSA
GHSA-wp7v-69vc-cfx5: Omron CX-One CX-Programmer before 9
ghsa_unreviewed·2022-05-17
CVE-2015-0988 [LOW] CWE-200 GHSA-wp7v-69vc-cfx5: Omron CX-One CX-Programmer before 9
Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project source-code files, which makes it easier for local users to obtain sensitive information by reading a file.
No detection rules found.
No public exploits indexed.
2015-10-06
Published