RSS   Vulnerabilities for 'Tableau desktop'   RSS

2017-03-08
 
CVE-2017-5178

CWE-1188
 

 
An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials after installation, and changing the default credentials in the embedded Tableau Server is not documented. If Tableau Server is used with Windows integrated security (Active Directory), the software is not vulnerable. However, when Tableau Server is used with local authentication mode, the software is vulnerable. The default system account could be used to gain unauthorized access.

 

 >>> Vendor: Schneider electric 24 Products
Tableau server
Modbus serial driver
Proclima
Pelco ds-nv
Indusoft web studio
Wonderware intouch 2014
Struxureware building expert mpm
Struxureware building operations automation server as-p firmware
Struxureware building operations automation server as firmware
Telvent rtu firmware
Homelynk controller lss100100 firmware
Magelis stu small panel firmware
Magelis xbt gh advanced hand-held panel firmware
Magelis xbt gtw advanced open touchscreen panel firmware
Magelis sto5 small panel firmware
Magelis gto advanced optimum panel firmware
Magelis gtu universal panel firmware
Magelis xbt gk advanced touchscreen panel with keyboard firmware
Magelis xbt gt advanced touchscreen panel firmware
Wonderware intelligence
Tableau desktop
Wonderware intouch access anywhere 2014
Wonderware archestra logger
Modbus driver suite


Copyright 2024, cxsecurity.com

 

Back to Top