CVE-2023-29447
5.7MEDIUMAn insufficiently protected credentials vulnerability in KEPServerEX could allow an adversary to capture user credentials as the web server uses basic authentication.
Publicado: 1/10/2024Atualizado: 11/21/2024
Descrição
An insufficiently protected credentials vulnerability in KEPServerEX could allow an adversary to capture user credentials as the web server uses basic authentication.
Análise IADesenvolvido por IA
Produtos Afetados
ptckepware_kepserverex
ptcthingworx_kepware_server
ptcthingworx_industrial_connectivity
Referências
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03Third Party AdvisoryUS Government Resource
- https://www.dragos.com/advisory/ptcs-kepserverex-vulnerabilities/Third Party Advisory
- https://www.ptc.com/en/support/article/cs399528Vendor Advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03Third Party AdvisoryUS Government Resource
- https://www.dragos.com/advisory/ptcs-kepserverex-vulnerabilities/Third Party Advisory
- https://www.ptc.com/en/support/article/cs399528Vendor Advisory