2 matches found
Clorius Controls A/S ISC SCADA Insecure Java Client Web Authentication
OVERVIEW Independent researcher Aditya Sood has identified an insecure Java client web authentication vulnerability in the Clorius Controls A/S ISC SCADA server. Clorius Controls A/S has produced an update that mitigates this vulnerability. Aditya Sood has tested the update to validate that it...
CVE-2014-9199
The CVE-2014-9199 issue affects Clorius Controls A/S ISC SCADA web server Java client prior to 01.00.0009g (and related advisory mentions 01.00.0009b). Root cause is insufficient/encrypted credential handling, enabling credential sniffing over network traffic. The vulnerability allows remote atta...