Vulnerabilities > CVE-2014-2380 - Unspecified vulnerability in Invensys Wonderware Information Server

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

invensys

NVD

Published: 2014-08-28

Updated: 2024-11-21

Summary

Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file.

Vulnerable Configurations

Part	Description	Count
Application	Invensys Invensys Wonderware Information Server 4.5 Invensys Wonderware Information Server 4.0 Invensys Wonderware Information Server 5.5 Invensys Wonderware Information Server 5.0	5

References

https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02
https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02