Description
WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of passwords in user.db, which allows context-dependent attackers to obtain sensitive information by reading this file.
References (3)
Core 3
Core References
Third Party Advisory, US Government Resource
http://www.us-cert.gov/control_systems/pdf/ICSA-12-129-01.pdf
Various Sources
http://dsecrg.com/pages/vul/show.php?id=405
Third Party Advisory, US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-12-129-01
Scores
EPSS
0.0089
EPSS Percentile
75.6%
Details
CWE
CWE-255
CWE-311
Status
published
Products (2)
WellinTech/KingSCADA
3.0
wellintech/kingview
3.0
Published
May 09, 2012
Tracked Since
Feb 18, 2026