CVE-2024-5557

Summary

CWE-532: Insertion of Sensitive Information into Log File vulnerability exists that could cause exposure of SNMP credentials when an attacker has access to the controller logs.

Affected Software

VendorProductVersion RangeStatus
Schneider ElectricSpaceLogic AS-PV5.0.3 and prioraffected
Schneider ElectricSpaceLogic AS-BV5.0.3 and prioraffected

Weaknesses

  • CWE-532: CWE-532 Insertion of Sensitive Information into Log File

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References