2 matches found
Schneider Electric IGSS Mobile
CVSS v3 6.4 ATTENTION: Locally exploitable/low skill level to exploit. Vendor: Schneider Electric Equipment: IGSS Mobile Vulnerabilities: Improper Certificate Validation, Plaintext Storage of a Password AFFECTED PRODUCTS Schneider Electric reports that the vulnerabilities affect the following IGS...
CVE-2017-9969
The CVE-2017-9969 entry affects Schneider Electric IGSS Mobile (Android/iOS) up to version 3.01 and earlier. The root cause is plaintext storage of passwords in the app configuration, enabling exposure of sensitive credentials and potential information disclosure. The ICSA advisory notes CVSS v3 ...