5 matches found
CVE-2022-45124
An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can sniff network traffic to leverage this vulnerability...
Vulnerability Spotlight: WellinTech ICS platform vulnerable to information disclosure, buffer overflow vulnerabilities
Carl Hurd of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered two vulnerabilities in WellinTechs KingHistorian industrial control systems data manager. KingHistorian is a time-series database that allows users to ingest and process large amounts of data from ICS,...
CVE-2022-45124
creationtimestamp| type| source ---|---|--- 2023-03-20 23:34:22+00:00| seen| https://t.me/cibsecurity/60353 2023-03-23 11:23:22+00:00| seen| https://t.me/truesecator/4203...
CVE-2022-45124
An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can sniff network traffic to leverage this vulnerability...
CVE-2022-45124
CVE-2022-45124 affects WellinTech KingHistorian 35.01.00.05. Cisco Talos reports an information-disclosure vulnerability in the User authentication path: if an attacker captures an authentication packet, they can recover the username and password, exposing sensitive data. CVSSv3.1 base score 7.5 ...