| |
Podatność CVE-2024-31486
Publikacja: 2024-05-14
| Opis: |
A vulnerability has been identified in OPUPI0 AMQP/MQTT (All versions < V5.30). The affected devices stores MQTT client passwords without sufficient protection on the devices. An attacker with remote shell access or physical access could retrieve the credentials leading to confidentiality loss. |
Typ:
CWE-312 (Cleartext Storage of Sensitive Information)
Referencje: |
https://cert-portal.siemens.com/productcert/html/ssa-871704.html
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
Polish
English