Vulnerability: Plain Text Password Storage in SICK Package Analytics Software

Vulnerability: Plain Text Password Storage in SICK Package Analytics Software

CVE-2020-2078 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Passwords are stored in plain text within the configuration of SICK Package Analytics software up to and including V04.1.1. An authorized attacker could access these stored plaintext credentials and gain access to the ftp service. Storing a password in plaintext allows attackers to easily gain access to systems, potentially compromising personal information or other sensitive information.

Learn more about our Web Application Penetration Testing UK.