Vulnerabilities > Schneider Electric > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-02-12 CVE-2017-9969 Insufficiently Protected Credentials vulnerability in Schneider-Electric Igss Mobile 3.01
An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application version 3.01 and prior.
local
low complexity
schneider-electric CWE-522
6.7
6.7
2018-02-12 CVE-2017-9968 Improper Certificate Validation vulnerability in Schneider-Electric Igss Mobile 3.01
A security misconfiguration vulnerability exists in Schneider Electric's IGSS Mobile application versions 3.01 and prior in which a lack of certificate pinning during the TLS/SSL connection establishing process can result in a man-in-the-middle attack.
network
high complexity
schneider-electric CWE-295
5.9
5.9
2018-01-18 CVE-2018-2678 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). 4.3
4.3
2018-01-18 CVE-2018-2677 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). 4.3
4.3
2018-01-18 CVE-2018-2663 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). 4.3
4.3
2018-01-18 CVE-2018-2657 Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization).
network
low complexity
oracle redhat schneider-electric hp
5.3
5.3
2018-01-18 CVE-2018-2641 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). 6.1
6.1
2018-01-18 CVE-2018-2634 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JGSS). 6.8
6.8
2018-01-18 CVE-2018-2629 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). 5.3
5.3
2018-01-18 CVE-2018-2618 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). 5.9
5.9