2 matches found
CVE-2014-5411
Schneider Electric SCADA Expert ClearSCADA (ClearSCADA 2010 R3 through 2014 R1; SCADA Expert ClearSCADA 2013/2014 R1 variants) is affected by CVE-2014-5411, a cross-site scripting (XSS) vulnerability combined with an authentication bypass and a weak MD5-based self-signed certificate issue. The IC...
Schneider Electric SCADA Expert ClearSCADA Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-14-259-01 Schneider Electric SCADA Expert ClearSCADA Vulnerabilities that was published September 16, 2014, on the NCCIC/ICS-CERT web site. Independent researcher Aditya Sood has identified a weak hashing algorithm...