CVE-2023-29447
5.7MEDIUMAn insufficiently protected credentials vulnerability in KEPServerEX could allow an adversary to capture user credentials as the web server uses basic authentication.
Publicado: 1/10/2024Actualizado: 11/21/2024
Descripción
An insufficiently protected credentials vulnerability in KEPServerEX could allow an adversary to capture user credentials as the web server uses basic authentication.
Análisis IAImpulsado por IA
Productos Afectados
ptckepware_kepserverex
ptcthingworx_kepware_server
ptcthingworx_industrial_connectivity
Referencias
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03Third Party AdvisoryUS Government Resource
- https://www.dragos.com/advisory/ptcs-kepserverex-vulnerabilities/Third Party Advisory
- https://www.ptc.com/en/support/article/cs399528Vendor Advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03Third Party AdvisoryUS Government Resource
- https://www.dragos.com/advisory/ptcs-kepserverex-vulnerabilities/Third Party Advisory
- https://www.ptc.com/en/support/article/cs399528Vendor Advisory