Cleartext Credential Transmission Vulnerability in Schneider Electric InduSoft Web Studio and InTouch Machine Edition

Cleartext Credential Transmission Vulnerability in Schneider Electric InduSoft Web Studio and InTouch Machine Edition

CVE-2015-0998 · LOW Severity

AV:A/AC:L/AU:N/C:P/I:N/A:N

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 transmit cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network.

Learn more about our Web App Pen Testing.