| |
Podatność CVE-2023-40729
Publikacja: 2023-09-12
| Opis: |
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application lacks security control to prevent unencrypted communication without HTTPS. An attacker who managed to gain machine-in-the-middle position could manipulate, or steal confidential information. |
Typ:
CWE-319 (Cleartext Transmission of Sensitive Information)
Referencje: |
https://cert-portal.siemens.com/productcert/pdf/ssa-147266.pdf
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
Polish
English