2 matches found
CVE-2014-2381
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1–5.5 is affected by CVE-2014-2381 due to inadequate encryption strength (CWE-326). The vulnerability allows local users to obtain sensitive information by reading a credential file, with a local access requirement and no authent...
Schneider Electric Wonderware Vulnerabilities
OVERVIEW Timur Yunusov, Ilya Karpov, Sergey Gordeychik, Alexey Osipov, and Dmitry Serebryannikov of the Positive Technologies Research Team have identified four vulnerabilities in the Schneider Electric Wonderware Information Server WIS. Schneider Electric has produced an update that mitigates...