CVE-2015-0999
published 2015-03-29CVE-2015-0999: Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User…
low2.1CVSS 3.1
AVLACLAuNCPINAN
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| aveva | aveva_edge | < 7.1.3.4 | 7.1.3.4 |
| schneider-electric | wonderware_intouch_2014 | < 7.1.3.4 | 7.1.3.4 |