Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.16 views

Phoenix Contact ILC PLCs Cleartext Storage of Sensitive Information (CVE-2016-8366)

Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. The password macro can be configured in a way that the password is stored and transferred in clear text. This plugin only works with...

7.1AI score0.05845EPSS
Exploits4References4
NVD
NVD
added 2018/04/05 4:29 p.m.22 views

CVE-2016-8366

Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. The password macro can be configured in a way that the password is stored and transferred in clear text...

7.3CVSS7.1AI score0.05845EPSS
Exploits4References3
Cvelist
Cvelist
added 2018/04/05 4:0 p.m.25 views

CVE-2016-8366

Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. The password macro can be configured in a way that the password is stored and transferred in clear text...

7.1AI score0.05845EPSS
Exploits4References3
CVE
CVE
added 2018/04/05 4:0 p.m.67 views

CVE-2016-8366

CVE-2016-8366 affects Phoenix Contact ILC PLCs with WebVisit. The vulnerability arises from a password macro where credentials can be stored and transferred in clear text, enabling potential exposure of user passwords via the HMI protection mechanism. Connected documents confirm the issue is tied...

7.3CVSS7AI score0.05845EPSS
Exploits4References3Affected Software1
NVD
NVD
added 2017/10/05 1:29 a.m.27 views

CVE-2017-13995

An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webserver does not properly authenticate users, which may allow a malicious attacker to access sensitive information such as HMI pages or modify PLC variables...

10CVSS9.2AI score0.02466EPSS
Exploits0References2
OSV
OSV
added 2017/10/05 1:29 a.m.3 views

CVE-2017-13995

An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webserver does not properly authenticate users, which may allow a malicious attacker to access sensitive information such as HMI pages or modify PLC variables...

10CVSS5.8AI score0.02466EPSS
Exploits0References2
Prion
Prion
added 2017/10/05 1:29 a.m.22 views

Authentication flaw

An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webserver does not properly authenticate users, which may allow a malicious attacker to access sensitive information such as HMI pages or modify PLC variables...

7.5CVSS9.1AI score0.02466EPSS
Exploits0References2Affected Software1
ICS
ICS
added 2016/11/08 12:0 a.m.189 views

Phoenix Contact ILC PLC Authentication Vulnerabilities

OVERVIEW Matthias Niedermaier and Michael Kapfer of HSASec Hochschule Augsburg have identified authentication vulnerabilities in Phoenix Contact’s ILC inline controller PLCs. Phoenix Contact GmbH & Co. KG has produced a mitigation plan that includes an update and recommended security practices to...

7.5CVSS0.8AI score0.11199EPSS
Exploits8References19
Rows per page
Query Builder