Credentials of built-in users are insecurely stored in the User directory of PcVue projects, all versions prior to 17.0.0. A local attacker could retrieve users’ credentials.
Active Directory accounts are not affected by this vulnerability.
The product stores a password in plaintext within resources such as memory or files.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Pcvue | Arcinfo | * | 17.0.0 (excluding) |