Design/Logic Flaw

2014-08-2801:55:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file.

CPENameOperatorVersion
wonderware_information_servereq4.5 portal
wonderware_information_servereq4.0 sp1
wonderware_information_servereq4.0 sp1
wonderware_information_servereq5.5
wonderware_information_servereq5.0 portal

Name	Operator	Version
wonderware_information_server	eq	4.5 portal
wonderware_information_server	eq	4.0 sp1
wonderware_information_server	eq	4.0 sp1
wonderware_information_server	eq	5.5
wonderware_information_server	eq	5.0 portal

References

ics-cert.us-cert.gov/advisories/ICSA-14-238-02