CVE-2015-1009

Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local users to obtain sensitive information by reading a file.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:indusoft:web_studio:*:*:*:*:*:*:*:*
cpe:2.3:a:wonderware:intouch:*:sp3:*:*:machine:*:*:*

History

No history.

Information

Published : 2015-08-01 01:59

Updated : 2024-02-04 18:53


NVD link : CVE-2015-1009

Mitre link : CVE-2015-1009

CVE.ORG link : CVE-2015-1009


JSON object : View

Products Affected

wonderware

  • intouch

indusoft

  • web_studio
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor