← back
CVE-2017-5158

CVE-2017-5158

EPSS 2.4%
An Information Exposure issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. Credentials may be exposed to external systems via specific URL parameters, as arbitrary destination addresses may be specified.
Affected products
n/a · Schneider Electric Wonderware InTouch Access Anywhere

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://ics-cert.us-cert.gov/advisories/ICSA-17-089-01http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000114/http://www.securityfocus.com/bid/97256