CVE-2014-2366

Advantech WebAccess Cleartext Storage of Sensitive Information in Memory

CVSS 9 EPSS 1.3%CWE-316

upAdminPg.asp in Advantech WebAccess before 7.2 allows remote authenticated users to discover credentials by reading HTML source code.

AV:N/AC:L/Au:S/C:C/I:C/A:C

Productos afectados

Advantech · WebAccess

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://ics-cert.us-cert.gov/advisories/ICSA-14-198-02 https://www.cisa.gov/news-events/ics-advisories/icsa-14-198-02 http://webaccess.advantech.com/