CVE-2023-0356

High

SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in…

icscert·CWE-261·Published 2023-01-24

CVSS

7.5

EPSS

0.00

KEV

Exploits

cve.orgen

189 chars

SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in threat actors obtaining sensitive information.

NVDen

189 chars

SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in threat actors obtaining sensitive information.

Las versiones 7.20 y anteriores de SOCOMEC MODULYS GP Netvision carecen de un cifrado sólido para las credenciales en las conexiones HTTP, lo que podría provocar que los actores de amenazas obtengan información confidencial.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.1	Primary	cve.org	5.7	—	—	CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
3.1	Secondary	NVD	5.7	2.1	3.6	CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N