14 matches found
EUVD-2017-18568
Malware in sbrugna...
EUVD-2017-18566
Malware in sbrugna...
CVE-2017-9637
Schneider Electric Ampla MES 6.4 provides capability to interact with data from third party databases. When connectivity to those databases is configured to use a SQL user name and password, an attacker may be able to sniff details from the connection string. Schneider Electric recommends that...
CVE-2017-9637
Schneider Electric Ampla MES 6.4 provides capability to interact with data from third party databases. When connectivity to those databases is configured to use a SQL user name and password, an attacker may be able to sniff details from the connection string. Schneider Electric recommends that...
CVE-2017-9637
Schneider Electric Ampla MES 6.4 provides capability to interact with data from third party databases. When connectivity to those databases is configured to use a SQL user name and password, an attacker may be able to sniff details from the connection string. Schneider Electric recommends that...
CVE-2017-9635
Schneider Electric Ampla MES 6.4 provides capability to configure users and their privileges. When Ampla MES users are configured to use Simple Security, a weakness in the password hashing algorithm could be exploited to reverse the user's password. Schneider Electric recommends that users of Amp...
Default credentials
Schneider Electric Ampla MES 6.4 provides capability to configure users and their privileges. When Ampla MES users are configured to use Simple Security, a weakness in the password hashing algorithm could be exploited to reverse the user's password. Schneider Electric recommends that users of Amp...
Default credentials
Schneider Electric Ampla MES 6.4 provides capability to interact with data from third party databases. When connectivity to those databases is configured to use a SQL user name and password, an attacker may be able to sniff details from the connection string. Schneider Electric recommends that...
CVE-2017-9635
In Ampla MES, CVE-2017-9635 describes a vulnerability when users are configured to use Simple Security: a weakness in the password hashing algorithm could allow an attacker to reverse a user’s password. Affected products are Schneider Electric Ampla MES 6.4 and earlier. Impact details from the IC...
CVE-2017-9637
Schneider Electric Ampla MES 6.4 provides capability to interact with data from third party databases. When connectivity to those databases is configured to use a SQL user name and password, an attacker may be able to sniff details from the connection string. Schneider Electric recommends that...
CVE-2017-9635
Schneider Electric Ampla MES 6.4 provides capability to configure users and their privileges. When Ampla MES users are configured to use Simple Security, a weakness in the password hashing algorithm could be exploited to reverse the user's password. Schneider Electric recommends that users of Amp...
CVE-2017-9637
CVE-2017-9637 affects Schneider Electric Ampla MES 6.4 and earlier. The vulnerability allows sniffing of the connection string when third-party database connectivity uses SQL credentials (cleartext transmission of sensitive information). Root cause is transmission of credentials in cleartext; Win...
Schneider Electric Ampla MES Information Disclosure Vulnerability
Ampla Manufacturing Execution System MES is a manufacturing execution system from Schneider Electric, France, for on-site production management in production plants and factories. An information disclosure vulnerability exists in the Schneider Electric Ampla MES, which provides the ability to...
Schneider Electric Ampla MES
CVSS v3 6.7 ATTENTION: Low skill level to exploit. Vendor: Schneider Electric Equipment: Ampla MES Vulnerabilities: Cleartext Transmission of Sensitive Information, Inadequate Encryption Strength AFFECTED PRODUCTS Schneider Electric reports that the vulnerability affects the following Ampla...