A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to decode the password using rainbow table.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/105182 | Third Party Advisory VDB Entry |
https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/ | Mitigation Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
03 Feb 2022, 14:30
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:schneider-electric:modicon_m221:-:*:*:*:*:*:*:* |
31 Jan 2022, 19:55
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:se:modicon_m221:-:*:*:*:*:*:*:* |
Information
Published : 2018-08-29 21:29
Updated : 2024-02-04 20:03
NVD link : CVE-2018-7792
Mitre link : CVE-2018-7792
CVE.ORG link : CVE-2018-7792
JSON object : View
Products Affected
schneider-electric
- modicon_m221
- modicon_m221_firmware
CWE
CWE-862
Missing Authorization