Cleartext Password Storage Vulnerability in Schneider Electric InduSoft Web Studio and Wonderware InTouch Machine Edition

Cleartext Password Storage Vulnerability in Schneider Electric InduSoft Web Studio and Wonderware InTouch Machine Edition

CVE-2015-1009 · LOW Severity

AV:L/AC:L/AU:S/C:P/I:N/A:N

Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local users to obtain sensitive information by reading a file.

Learn more about our Web App Pen Testing.