CVE-2018-7820

A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2 AOS v6.5.6, which could cause Remote Monitoring Credentials to be viewed in plaintext when Remote Monitoring is enabled, and then disabled.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:schneider-electric:ap9630_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:ap9630:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:schneider-electric:smart-ups_srt_5kva_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:smart-ups_srt_5kva:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:schneider-electric:ap9631_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:ap9631:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:schneider-electric:ap9635_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:ap9635:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-09-17 20:15

Updated : 2024-02-28 17:08


NVD link : CVE-2018-7820

Mitre link : CVE-2018-7820

CVE.ORG link : CVE-2018-7820


JSON object : View

Products Affected

schneider-electric

  • ap9630_firmware
  • ap9630
  • smart-ups_srt_5kva
  • ap9631_firmware
  • ap9631
  • ap9635
  • smart-ups_srt_5kva_firmware
  • ap9635_firmware
CWE
CWE-522

Insufficiently Protected Credentials

CWE-255

Credentials Management Errors