CVE-2015-6456

GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1.5 have hardcoded credentials for a support account, which allows remote attackers to obtain administrative access, and consequently execute arbitrary code, by leveraging knowledge of the password.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ge:mds_pulsenet:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:ge:mds_pulsenet:*:*:*:*:*:*:*:*

Information

Published : 2015-09-18 15:59

Updated : 2015-09-23 11:43


NVD link : CVE-2015-6456

Mitre link : CVE-2015-6456


JSON object : View

Advertisement

dedicated server usa

Products Affected

ge

  • mds_pulsenet