Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 use a reversible format for password storage in object files on Compact Flash cards, which makes it easier for local users to obtain sensitive information by reading a file.
References
Link | Resource |
---|---|
https://ics-cert.us-cert.gov/advisories/ICSA-15-274-01 | Third Party Advisory US Government Resource |
https://ics-cert.us-cert.gov/advisories/ICSA-15-274-01 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:24
Type | Values Removed | Values Added |
---|---|---|
References | () https://ics-cert.us-cert.gov/advisories/ICSA-15-274-01 - Third Party Advisory, US Government Resource |
Information
Published : 2015-10-06 01:59
Updated : 2024-11-21 02:24
NVD link : CVE-2015-1015
Mitre link : CVE-2015-1015
CVE.ORG link : CVE-2015-1015
JSON object : View
Products Affected
omron
- cj2m_plc
- cx-programmer
- cj2h_plc
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor