CVE-2023-29447
5.7MEDIUMAn insufficiently protected credentials vulnerability in KEPServerEX could allow an adversary to capture user credentials as the web server uses basic authentication.
Published: 1/10/2024Updated: 11/21/2024
Description
An insufficiently protected credentials vulnerability in KEPServerEX could allow an adversary to capture user credentials as the web server uses basic authentication.
AI AnalysisPowered by AI
Affected Products
ptckepware_kepserverex
ptcthingworx_kepware_server
ptcthingworx_industrial_connectivity
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03Third Party AdvisoryUS Government Resource
- https://www.dragos.com/advisory/ptcs-kepserverex-vulnerabilities/Third Party Advisory
- https://www.ptc.com/en/support/article/cs399528Vendor Advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03Third Party AdvisoryUS Government Resource
- https://www.dragos.com/advisory/ptcs-kepserverex-vulnerabilities/Third Party Advisory
- https://www.ptc.com/en/support/article/cs399528Vendor Advisory