CVE-2017-8371
MEDIUMSchneider-electric Struxureware Data ... - Insufficiently Protected Credentials
Title source: ruleDescription
Schneider Electric StruxureWare Data Center Expert before 7.4.0 uses cleartext RAM storage for passwords, which might allow remote attackers to obtain sensitive information via unspecified vectors.
Scores
CVSS v3
6.8
EPSS
0.0018
EPSS Percentile
39.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Classification
CWE
CWE-522
Status
draft
Affected Products (1)
schneider-electric/struxureware_data_center_expert
< 7.3.1
Timeline
Published
Apr 30, 2017
Tracked Since
Feb 18, 2026