CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2018-7820

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0010%
EPSS Percentile7.18th
Published2019年9月17日
Last Modified2024年11月21日

Vulnerability Description

A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2 AOS v6.5.6, which could cause Remote Monitoring Credentials to be viewed in plaintext when Remote Monitoring is enabled, and then disabled.

Affected Platforms (CPE)

💻
Schneider Electric

Ap9630 Firmware

< 6.7.2
💻
Schneider Electric

Smart Ups Srt 5kva Firmware

< 6.7.2
💻
Schneider Electric

Ap9631 Firmware

< 6.7.2
💻
Schneider Electric

Ap9635 Firmware

< 6.7.2

References & Advisories

🔗 https://www.apc.com/salestools/CCON-BFQMXC/CCON-BFQMXC_R0_EN.pdf
🔗 https://www.apc.com/salestools/CCON-BFQMXC/CCON-BFQMXC_R0_EN.pdf

相關漏洞威脅

CVE-2018-1051110.0

A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to conduct a server-side request for...

CVE-2018-556010.0

A reliance on a static, hard-coded credential in the design of the cloud-based storage system of Practecol's Guardzilla All-In-One...

CVE-2018-010110.0

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could ...

CVE-2018-1850510.0

An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication betwee...