A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2 AOS v6.5.6, which could cause Remote Monitoring Credentials to be viewed in plaintext when Remote Monitoring is enabled, and then disabled.
References
Link | Resource |
---|---|
https://www.apc.com/salestools/CCON-BFQMXC/CCON-BFQMXC_R0_EN.pdf | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Information
Published : 2019-09-17 13:15
Updated : 2023-02-28 17:22
NVD link : CVE-2018-7820
Mitre link : CVE-2018-7820
JSON object : View
CWE
CWE-522
Insufficiently Protected Credentials
Products Affected
schneider-electric
- ap9630_firmware
- ap9630
- ap9635
- smart-ups_srt_5kva_firmware
- ap9631
- ap9635_firmware
- smart-ups_srt_5kva
- ap9631_firmware