A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software discloses password hashes of other users upon request. This could allow an authenticated user to retrieve another users password hash.
The product makes resources available to untrusted parties when those resources are only intended to be accessed by the product.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sicam_gridedge_essential | Siemens | * | 2.6.6 (excluding) |