Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-18877

Malware in sbrugna...

5.9CVSS6AI score0.01173EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-18878

Malware in sbrugna...

6.7CVSS6.6AI score0.00404EPSS
Exploits0References4
ICS
ICS
added 2018/02/15 12:0 a.m.34 views

Schneider Electric IGSS Mobile

CVSS v3 6.4 ATTENTION: Locally exploitable/low skill level to exploit. Vendor: Schneider Electric Equipment: IGSS Mobile Vulnerabilities: Improper Certificate Validation, Plaintext Storage of a Password AFFECTED PRODUCTS Schneider Electric reports that the vulnerabilities affect the following IGS...

6.7CVSS6.4AI score0.01173EPSS
Exploits0References4
NVD
NVD
added 2018/02/12 11:29 p.m.18 views

CVE-2017-9969

An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application version 3.01 and prior. Passwords are stored in clear text in the configuration which can result in exposure of sensitive information...

6.7CVSS6.3AI score0.00404EPSS
Exploits0References3
Prion
Prion
added 2018/02/12 11:29 p.m.11 views

Security feature bypass

A security misconfiguration vulnerability exists in Schneider Electric's IGSS Mobile application versions 3.01 and prior in which a lack of certificate pinning during the TLS/SSL connection establishing process can result in a man-in-the-middle attack...

4.3CVSS7AI score0.01173EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2018/02/12 11:29 p.m.16 views

Information disclosure

An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application version 3.01 and prior. Passwords are stored in clear text in the configuration which can result in exposure of sensitive information...

2.1CVSS6.3AI score0.00404EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/02/12 11:29 p.m.3 views

CVE-2017-9968

A security misconfiguration vulnerability exists in Schneider Electric's IGSS Mobile application versions 3.01 and prior in which a lack of certificate pinning during the TLS/SSL connection establishing process can result in a man-in-the-middle attack...

5.9CVSS5.8AI score0.01173EPSS
Exploits0References3
NVD
NVD
added 2018/02/12 11:29 p.m.14 views

CVE-2017-9968

A security misconfiguration vulnerability exists in Schneider Electric's IGSS Mobile application versions 3.01 and prior in which a lack of certificate pinning during the TLS/SSL connection establishing process can result in a man-in-the-middle attack...

5.9CVSS6AI score0.01173EPSS
Exploits0References3
OSV
OSV
added 2018/02/12 11:29 p.m.5 views

CVE-2017-9969

An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application version 3.01 and prior. Passwords are stored in clear text in the configuration which can result in exposure of sensitive information...

6.7CVSS5.8AI score0.00404EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/02/12 11:0 p.m.13 views

CVE-2017-9969

An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application version 3.01 and prior. Passwords are stored in clear text in the configuration which can result in exposure of sensitive information...

6.2AI score0.00404EPSS
Exploits0References3
CVE
CVE
added 2018/02/12 11:0 p.m.47 views

CVE-2017-9968

IGSS Mobile (Schneider Electric) affected: Android and iOS apps version 3.01 and earlier. Root cause: missing certificate pinning during TLS/SSL handshake, enabling potential MITM risks. Public-facing impact: credential exposure risk and MITM possibility as described in ICSA-18-046-03; CVSS v3 ba...

5.9CVSS5.7AI score0.01173EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2018/02/12 11:0 p.m.47 views

CVE-2017-9969

The CVE-2017-9969 entry affects Schneider Electric IGSS Mobile (Android/iOS) up to version 3.01 and earlier. The root cause is plaintext storage of passwords in the app configuration, enabling exposure of sensitive credentials and potential information disclosure. The ICSA advisory notes CVSS v3 ...

6.7CVSS6.2AI score0.00404EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/02/12 11:0 p.m.17 views

CVE-2017-9968

A security misconfiguration vulnerability exists in Schneider Electric's IGSS Mobile application versions 3.01 and prior in which a lack of certificate pinning during the TLS/SSL connection establishing process can result in a man-in-the-middle attack...

5.7AI score0.01173EPSS
Exploits0References3
Rows per page
Query Builder