Weak Encryption of Credentials in SOCOMEC MODULYS GP Netvision Versions 7.20 and Earlier

Weak Encryption of Credentials in SOCOMEC MODULYS GP Netvision Versions 7.20 and Earlier

CVE-2023-0356 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in threat actors obtaining sensitive information.

Learn more about our Web Application Penetration Testing UK.