Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
AVEVA System Platform Cleartext Storage of Sensitive Information in Memory
Vulnerability Description
AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to an attacker or a low-privileged user.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L
Vulnerability Type
在内存中的明文存储
Vulnerability Title
AVEVA System Platform 安全漏洞
Vulnerability Description
AVEVA System Platform是英国AVEVA公司的一个应用软件。用于监管、企业 SCADA、MES 和 IIoT 应用程序的响应迅速、标准驱动且可扩展的基础。 AVEVA System Platform 存在安全漏洞,成功利用此漏洞可能会将网络用户帐户或登录用户的明文凭据暴露给授权的低权限用户。如果用户创建相关进程的诊断内存转储并将其保存到未经授权的恶意用户可以访问的未受保护的位置,则明文凭据也将被公开。
CVSS Information
N/A
Vulnerability Type
N/A