CVE-2018-7792

high

Description

A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to decode the password using rainbow table.

References

https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/

http://www.securityfocus.com/bid/105182

Details

Source: Mitre, NVD

Published: 2018-08-29

Updated: 2022-02-03

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High