CVE-2015-1015

Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 use a reversible format for password storage in object files on Compact Flash cards, which makes it easier for local users to obtain sensitive information by reading a file.
References
Link Resource
https://ics-cert.us-cert.gov/advisories/ICSA-15-274-01 Third Party Advisory US Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-15-274-01 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:omron:cx-programmer:9.5:*:*:*:*:*:*:*
cpe:2.3:h:omron:cj2h_plc:1.4:*:*:*:*:*:*:*
cpe:2.3:h:omron:cj2m_plc:2.0:*:*:*:*:*:*:*

History

21 Nov 2024, 02:24

Type Values Removed Values Added
References () https://ics-cert.us-cert.gov/advisories/ICSA-15-274-01 - Third Party Advisory, US Government Resource () https://ics-cert.us-cert.gov/advisories/ICSA-15-274-01 - Third Party Advisory, US Government Resource

Information

Published : 2015-10-06 01:59

Updated : 2024-11-21 02:24


NVD link : CVE-2015-1015

Mitre link : CVE-2015-1015

CVE.ORG link : CVE-2015-1015


JSON object : View

Products Affected

omron

  • cj2m_plc
  • cx-programmer
  • cj2h_plc
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor