CVE-2017-8371

6.8MEDIUM

Key Information:

Vendor: Schneider Electric
Status: Struxureware Data Center Expert
Vendor: CVE Published:; 30 April 2017

Summary

Schneider Electric StruxureWare Data Center Expert before 7.4.0 uses cleartext RAM storage for passwords, which might allow remote attackers to obtain sensitive information via unspecified vectors.

References

http://download.schneider-electric.com/files?p_Doc_Ref=SE...

x_refsource_MISC

http://www.datacenterdynamics.com/content-tracks/security...

x_refsource_MISC

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Apr 30, 2017