Password Storage Vulnerability in WellinTech KingSCADA 3.0
CVE-2012-1977

Currently unrated

Key Information:

Vendor: Wellintech
Status: Kingview
Vendor: CVE Published:; 9 May 2012

Summary

In WellinTech KingSCADA 3.0, passwords are stored in a cleartext base64 format within the user.db file. This insecure method of storing sensitive information potentially allows context-dependent attackers to access and retrieve these passwords by simply reading the file. As a result, user credentials could be compromised, emphasizing the need for secure password storage practices to protect sensitive data.

References

http://dsecrg.com/pages/vul/show.php?id=405

x_refsource_MISC

http://www.us-cert.gov/control_systems/pdf/ICSA-12-129-01...

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
May 9, 2012