Vulnerabilities > Invensys > Wonderware Information Server > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2014-08-28	CVE-2014-2381	Weak Encryption Security Weakness in Wonderware Information Server Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file. local low complexity invensys	2.1
2014-08-28	CVE-2014-5398	Improper Input Validation vulnerability in Invensys Wonderware Information Server Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to read arbitrary files or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. local low complexity invensys CWE-20	2.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.