Vulnerabilities > Schneider Electric > Igss Mobile > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-12 | CVE-2017-9969 | Insufficiently Protected Credentials vulnerability in Schneider-Electric Igss Mobile 3.01 An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application version 3.01 and prior. | 6.7 |
| 2018-02-12 | CVE-2017-9968 | Improper Certificate Validation vulnerability in Schneider-Electric Igss Mobile 3.01 A security misconfiguration vulnerability exists in Schneider Electric's IGSS Mobile application versions 3.01 and prior in which a lack of certificate pinning during the TLS/SSL connection establishing process can result in a man-in-the-middle attack. | 5.9 |