CVE-2008-0174

GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the passwords and gain privileges.
References
Link Resource
http://securityreason.com/securityalert/3590 Broken Link
http://securitytracker.com/id?1019273 Broken Link Third Party Advisory VDB Entry
http://support.gefanuc.com/support/index?page=kbchannel&id=KB12459 Broken Link
http://www.kb.cert.org/vuls/id/180876 Third Party Advisory US Government Resource
http://www.securityfocus.com/archive/1/487075/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/487244/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/30754 Broken Link Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:ge:proficy_real-time_information_portal:*:*:*:*:*:*:*:*

History

14 Feb 2024, 15:31

Type Values Removed Values Added
CVSS v2 : 5.0
v3 : unknown
v2 : 5.0
v3 : 9.8
CWE CWE-310 CWE-312
CPE cpe:2.3:a:ge_fanuc:proficy_real-time_information_portal:*:*:*:*:*:*:*:* cpe:2.3:a:ge:proficy_real-time_information_portal:*:*:*:*:*:*:*:*
First Time Ge
Ge proficy Real-time Information Portal
References (BID) http://www.securityfocus.com/bid/30754 - (BID) http://www.securityfocus.com/bid/30754 - Broken Link, Third Party Advisory, VDB Entry
References (CONFIRM) http://support.gefanuc.com/support/index?page=kbchannel&id=KB12459 - (CONFIRM) http://support.gefanuc.com/support/index?page=kbchannel&id=KB12459 - Broken Link
References (BUGTRAQ) http://www.securityfocus.com/archive/1/487244/100/0/threaded - (BUGTRAQ) http://www.securityfocus.com/archive/1/487244/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry
References (SREASON) http://securityreason.com/securityalert/3590 - (SREASON) http://securityreason.com/securityalert/3590 - Broken Link
References (SECTRACK) http://securitytracker.com/id?1019273 - (SECTRACK) http://securitytracker.com/id?1019273 - Broken Link, Third Party Advisory, VDB Entry
References (CERT-VN) http://www.kb.cert.org/vuls/id/180876 - US Government Resource (CERT-VN) http://www.kb.cert.org/vuls/id/180876 - Third Party Advisory, US Government Resource
References (BUGTRAQ) http://www.securityfocus.com/archive/1/487075/100/0/threaded - (BUGTRAQ) http://www.securityfocus.com/archive/1/487075/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry

Information

Published : 2008-01-29 02:00

Updated : 2024-02-28 11:01


NVD link : CVE-2008-0174

Mitre link : CVE-2008-0174

CVE.ORG link : CVE-2008-0174


JSON object : View

Products Affected

ge

  • proficy_real-time_information_portal
CWE
CWE-312

Cleartext Storage of Sensitive Information