← voltar
CVE-2017-9637

CVE-2017-9637

EPSS 0.2%CWE-319
Schneider Electric Ampla MES 6.4 provides capability to interact with data from third party databases. When connectivity to those databases is configured to use a SQL user name and password, an attacker may be able to sniff details from the connection string. Schneider Electric recommends that users of Ampla MES versions 6.4 and prior should upgrade to Ampla MES version 6.5 as soon as possible.
Produtos afetados
Schneider Electric SE · Ampla MES

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://ics-cert.us-cert.gov/advisories/ICSA-17-187-05http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000118/http://www.securityfocus.com/bid/99469