In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are encrypted but improperly stored in a database.
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Symphony_+_historian | Abb | 3.0 (including) | 3.0 (including) |
Symphony_+_historian | Abb | 3.1 (including) | 3.1 (including) |
Symphony_+_operations | Abb | 1.1 (including) | 1.1 (including) |
Symphony_+_operations | Abb | 2.0 (including) | 2.0 (including) |
Symphony_+_operations | Abb | 2.1-sp1 (including) | 2.1-sp1 (including) |
Symphony_+_operations | Abb | 2.1-sp2 (including) | 2.1-sp2 (including) |
Symphony_+_operations | Abb | 3.0 (including) | 3.0 (including) |
Symphony_+_operations | Abb | 3.1 (including) | 3.1 (including) |
Symphony_+_operations | Abb | 3.2 (including) | 3.2 (including) |
Symphony_+_operations | Abb | 3.3 (including) | 3.3 (including) |