CVE-2022-38469

Summary

An unauthorized user with network access and the decryption key could decrypt sensitive data, such as usernames and passwords.

Affected Software

VendorProductVersion RangeStatus
GE DigitalProficy Historian7.0affected

Weaknesses

  • CWE-261: CWE-261 Weak Encoding for Password

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References