CVE-2017-6028
N/A
N/A
Summary
An Insufficiently Protected Credentials issue was discovered in Schneider Electric Modicon PLCs Modicon M241, all firmware versions, and Modicon M251, all firmware versions. Log-in credentials are sent over the network with Base64 encoding leaving them susceptible to sniffing. Sniffed credentials could then be used to log into the web application.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Schneider Electric Modicon PLCs | Schneider Electric Modicon PLCs | affected |
Weaknesses
- CWE-522: CWE-522
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.