CVE-2017-9969

2018-02-1200:00:00

schneider

www.cve.org

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.5%

JSON

An information disclosure vulnerability exists in Schneider Electric’s IGSS Mobile application version 3.01 and prior. Passwords are stored in clear text in the configuration which can result in exposure of sensitive information.

References

www.securityfocus.com/bid/103046

ics-cert.us-cert.gov/advisories/ICSA-18-046-03

www.schneider-electric.com/en/download/document/SEVD-2018-039-02/