4 matches found
CVE-2022-29959
Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering environment for the ControlWave and Bristol Babcock line of RTUs. This environment provides access control functionality through user authentication and privilege management. The credentials for various users a...
Authentication flaw
Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering environment for the ControlWave and Bristol Babcock line of RTUs. This environment provides access control functionality through user authentication and privilege management. The credentials for various users a...
CVE-2022-29959
Summary of CVE-2022-29959 : OpenBSI (Emerson OpenBSI) stores credentials insecurely in SecUsers.ini, enabling potential credential disclosure to an attacker with local access. Multiple sources (NVD, Red Hat, PRION, CVE listings, and CISA advisory) describe the issue as insecure credential storage...
PT-2022-3158 · Emerson · Emerson Openbsi
Name of the Vulnerable Software and Affected Versions: Emerson OpenBSI versions prior to 2022-04-29 Description: The issue is related to the insecure storage of confidential information in the SecUsers.ini file, which can be exploited by a remote attacker to gain access to user credentials. The...