Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to discover full pathnames via an application tag.
The product uses an environment variable to store unencrypted sensitive information.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Integraxor | Ecava | * | 4.1.4360 (including) |