CVE-2017-9969

2018-02-1223:00:00

schneider

www.cve.org

AI Score

6.2

Confidence

High

EPSS

0.001

Percentile

23.3%

JSON

An information disclosure vulnerability exists in Schneider Electric’s IGSS Mobile application version 3.01 and prior. Passwords are stored in clear text in the configuration which can result in exposure of sensitive information.

References

www.securityfocus.com/bid/103046

ics-cert.us-cert.gov/advisories/ICSA-18-046-03

www.schneider-electric.com/en/download/document/SEVD-2018-039-02/