Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1977

Overview

Vulnerability Score 7.1 7.1
CVE Id CVE-2012-1977
Last Modified 29 Aug 2012 12:00:00
Published 09 May 2012 06:33:15
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-1977

Summary

WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of passwords in user.db, which allows context-dependent attackers to obtain sensitive information by reading this file.

Vulnerable Systems

Application

  • Wellintech Kingview 3.0


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICSA-12-129-01.pdf

MISC - http://dsecrg.com/pages/vul/show.php?id=405


Last Updated: 27 May 2016 10:57:32