Improper Storage of Encrypted Internal User Passwords in S+ Operations and S+ Historian

Improper Storage of Encrypted Internal User Passwords in S+ Operations and S+ Historian

CVE-2020-24680 · HIGH Severity

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are encrypted but improperly stored in a database.

Learn more about our Internal Network Penetration Testing.