Description

An authenticated malicious user could acquire the simple mail transfer protocol (SMTP) Password in cleartext format, despite it being protected and hidden behind asterisks. The attacker could then perform further attacks using the SMTP credentials.

Related CPE's

o

sauter-controls

ey-as525f001_firmware

-

Vulnerable

h

sauter-controls

ey-as525f001

-

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03

Third Party AdvisoryUS Government Resource

Weaknesses

[email protected]

Primary
CWE-319

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.5 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-03-27T20:15:09.577

1 year ago

Last modified

2023-11-07T04:10:21.203

8 months ago