CVE-2015-0998
published 2015-03-29CVE-2015-0998: Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 transmit cleartext credentials…
low3.3CVSS 3.1
AVAACLAuNCPINAN
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 transmit cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| aveva | aveva_edge | < 7.1.3.4 | 7.1.3.4 |
| schneider-electric | wonderware_intouch_2014 | < 7.1.3.4 | 7.1.3.4 |