CVE-2017-5155

Summary

An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compromise Historian databases. In some installation scenarios, resources beyond those created by Wonderware Historian may be compromised as well.

Affected Software

VendorProductVersion RangeStatus
n/aSchneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlierSchneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlieraffected

Weaknesses

  • Schneider Electric Wonderware Historian default passwords

ADP Enrichment

CVE Program Container

Additional References

References