2 matches found
Schneider Electric SCADA Expert ClearSCADA Authentication Bypass (CVE-2014-5412)
An information disclosure vulnerability exists in Schneider Electric SCADA Expert ClearSCADA. This vulnerability is due to insufficient restrictions of the preconfigured guest account. A remote attacker can exploit this vulnerability to disclose sensitive system information...
CVE-2014-5412
Schneider Electric SCADA Expert ClearSCADA/ ClearSCADA (2010 R3 through 2014 R1) contains an authentication bypass via the default guest account, enabling remote disclosure of database records. Root cause: guest user’s read access exposes sensitive data without login. Affected products/versions: ...