Lucene search
HistoryMay 31, 2015 - 5:59 p.m.
CVE-2015-1010
cve-2015-1010
rockwell automation
rsview32
cpr9 sr4
encryption
credentials
local users
decryption attack
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:C/I:N/A:N
5.9 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
25.7%
Rockwell Automation RSView32 7.60.00 (aka CPR9 SR4) and earlier does not properly encrypt credentials, which allows local users to obtain sensitive information by reading a file and conducting a decryption attack.
Affected configurations
Node
rockwellautomationrsview32Range≤7.60.00
| CPE | Name | Operator | Version |
|---|---|---|---|
| rockwellautomation:rsview32 | rockwellautomation rsview32 | le | 7.60.00 |
Related
cvelist
cvelist
CVE-2015-1010
2015-05-31 17:00:00
ics
ics
Rockwell Automation RSView32 Weak Encryption Algorithm on Passwords
2018-08-27 12:00:00
nessus
nessus
Rockwell (CVE-2015-1010) (deprecated)
2022-02-07 00:00:00
Rockwellautomation Rsview32 Unspecified Vulnerability
2019-11-08 00:00:00
prion
prion
Information disclosure
2015-05-31 17:59:00
nvd
nvd
CVE-2015-1010
2015-05-31 17:59:00
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:C/I:N/A:N
5.9 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
25.7%
Related for CVE-2015-1010