A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The user configuration menu in the web interface of the
Control Center Server (CCS) transfers user passwords in clear to the
client (browser).
An attacker with administrative privileges for the web interface could be
able to read (and not only reset) passwords of other CCS users.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: siemens
Published: 2019-12-12T19:08:46
Updated: 2024-08-05T00:05:43.988Z
Reserved: 2019-07-18T00:00:00
Link: CVE-2019-13947
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-12-12T19:15:15.327
Modified: 2024-11-21T04:25:45.377
Link: CVE-2019-13947
Redhat
No data.