CVE-2022-0835

AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to an attacker or a low-privileged user.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:aveva:system_platform:2020:-:*:*:*:*:*:*
cpe:2.3:a:aveva:system_platform:2020:r2_patch01:*:*:*:*:*:*
cpe:2.3:a:aveva:system_platform:2020:r2s:*:*:*:*:*:*

History

18 Apr 2022, 13:42

Type Values Removed Values Added
CWE CWE-316 CWE-312
CVSS v2 : unknown
v3 : unknown
v2 : 1.9
v3 : 5.5
CPE cpe:2.3:a:aveva:system_platform:2020:r2_patch01:*:*:*:*:*:*
cpe:2.3:a:aveva:system_platform:2020:-:*:*:*:*:*:*
cpe:2.3:a:aveva:system_platform:2020:r2s:*:*:*:*:*:*
References (CONFIRM) https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-02 - (CONFIRM) https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-02 - Third Party Advisory, US Government Resource
References (CONFIRM) https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2021-007.pdf - (CONFIRM) https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2021-007.pdf - Vendor Advisory

11 Apr 2022, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-04-11 20:15

Updated : 2024-02-04 22:29


NVD link : CVE-2022-0835

Mitre link : CVE-2022-0835

CVE.ORG link : CVE-2022-0835


JSON object : View

Products Affected

aveva

  • system_platform
CWE
CWE-312

Cleartext Storage of Sensitive Information

CWE-316

Cleartext Storage of Sensitive Information in Memory