A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause disclosure of user credentials when a malicious actor intercepts HTTP network traffic between a user and the device.
Project Subscriptions
| Vendors | Products |
|---|---|
|
Schneider-electric
Subscribe
|
Powerlogic Ion7400
Subscribe
Powerlogic Ion7400 Firmware
Subscribe
Powerlogic Ion7650
Subscribe
Powerlogic Ion7650 Firmware
Subscribe
Powerlogic Ion8300
Subscribe
Powerlogic Ion8300 Firmware
Subscribe
Powerlogic Ion8400
Subscribe
Powerlogic Ion8400 Firmware
Subscribe
Powerlogic Ion8500
Subscribe
Powerlogic Ion8500 Firmware
Subscribe
Powerlogic Ion8600
Subscribe
Powerlogic Ion8600 Firmware
Subscribe
Powerlogic Ion8650
Subscribe
Powerlogic Ion8650 Firmware
Subscribe
Powerlogic Ion8800
Subscribe
Powerlogic Ion8800 Firmware
Subscribe
Powerlogic Ion9000
Subscribe
Powerlogic Ion9000 Firmware
Subscribe
Powerlogic Pm8000
Subscribe
Powerlogic Pm8000 Firmware
Subscribe
|
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2021-9838 | A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause disclosure of user credentials when a malicious actor intercepts HTTP network traffic between a user and the device. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
| Link | Providers |
|---|---|
| https://www.se.com/ww/en/download/document/SEVD-2021-040-01/ |
|
History
No history.
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: schneider
Published:
Updated: 2024-08-03T18:51:07.062Z
Reserved: 2021-01-06T00:00:00.000Z
Link: CVE-2021-22703
No data.
Status : Modified
Published: 2021-02-19T16:15:13.157
Modified: 2024-11-21T05:50:29.640
Link: CVE-2021-22703
No data.
OpenCVE Enrichment
No data.
Weaknesses
EUVD