Vulnerabilities > Aveva > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-11 | CVE-2022-0835 | Cleartext Storage of Sensitive Information vulnerability in Aveva System Platform 2020 AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to an attacker or a low-privileged user. | 1.9 |
| 2017-04-20 | CVE-2017-5160 | Inadequate Encryption Strength vulnerability in Aveva Wonderware Intouch Access Anywhere 11.5.2 An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. | 3.5 |
| 2015-03-29 | CVE-2015-0996 | Information Exposure vulnerability in multiple products Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 rely on a hardcoded cleartext password to control read access to Project files and Project Configuration files, which makes it easier for local users to obtain sensitive information by discovering this password. | 2.1 |
| 2015-03-29 | CVE-2015-0998 | Information Exposure vulnerability in multiple products Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 transmit cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network. | 3.3 |
| 2015-03-29 | CVE-2015-0999 | Information Exposure vulnerability in multiple products Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file. | 2.1 |
| 2014-09-18 | CVE-2014-5411 | Cross-Site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |