QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2022-23129

Back to search

CVE-2022-23129

Published: Jan 21, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

Plaintext Storage of a Password vulnerability in Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior and ICONICS GENESIS64 versions 10.90 to 10.97 allows a local authenticated attacker to gain authentication information and to access the database illegally. This is because when configuration information of GridWorX, a database linkage function of GENESIS64 and MC Works64, is exported to a CSV file, the authentication information is saved in plaintext, and an attacker who can access this CSV file can gain the authentication information.

VendorProductVersions

n/a

Mitsubishi Electric MC Works64; ICONICS GENESIS64

affected
Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior
affected
ICONICS GENESIS64 versions 10.90 to 10.97

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now