Back to search
CVE-2017-9635
Published: May 18, 2018
Modified: Sep 17, 2024
PUBLISHED
Description
Schneider Electric Ampla MES 6.4 provides capability to configure users and their privileges. When Ampla MES users are configured to use Simple Security, a weakness in the password hashing algorithm could be exploited to reverse the user's password. Schneider Electric recommends that users of Ampla MES versions 6.4 and prior should upgrade to Ampla MES version 6.5 as soon as possible.
| Vendor | Product | Versions |
|---|---|---|
Schneider Electric SE | Ampla MES | affected versions 6.4 and prior |
Weaknesses (CWE)
References
https://ics-cert.us-cert.gov/advisories/ICSA-17-187-05
x_refsource_MISC
http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000118/
x_refsource_CONFIRM
99469
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now