CyberSec.Space Logo
Back to CVE Browser

CVE-2018-7820

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0010%
EPSS Percentile7.18th
PublishedSep 17, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2 AOS v6.5.6, which could cause Remote Monitoring Credentials to be viewed in plaintext when Remote Monitoring is enabled, and then disabled.

Affected Platforms (CPE)

πŸ’»
Schneider Electric

Ap9630 Firmware

< 6.7.2
πŸ’»
Schneider Electric

Smart Ups Srt 5kva Firmware

< 6.7.2
πŸ’»
Schneider Electric

Ap9631 Firmware

< 6.7.2
πŸ’»
Schneider Electric

Ap9635 Firmware

< 6.7.2

References & Advisories

πŸ”— https://www.apc.com/salestools/CCON-BFQMXC/CCON-BFQMXC_R0_EN.pdf
πŸ”— https://www.apc.com/salestools/CCON-BFQMXC/CCON-BFQMXC_R0_EN.pdf

Related Vulnerabilities

CVE-2018-010110.0

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could ...

CVE-2018-100065210.0

JabRef version <=4.3.1 contains a XML External Entity (XXE) vulnerability in MsBibImporter XML Parser that can result in disclosur...

CVE-2018-261110.0

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Core Service...

CVE-2018-390710.0

An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Fi...