CWE-532: Insertion of Sensitive Information into Log File vulnerability exists that could cause
exposure of SNMP credentials when an attacker has access to the controller logs.
References
| Link | Resource |
|---|---|
| https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-04.pdf | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
History
25 Jul 2024, 20:00
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:schneider-electric:spacelogic_as-p:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:spacelogic_as-p_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:spacelogic_as-b:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:spacelogic_as-b_firmware:*:*:*:*:*:*:*:* |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.5 |
| First Time |
Schneider-electric
Schneider-electric spacelogic As-p Schneider-electric spacelogic As-b Firmware Schneider-electric spacelogic As-p Firmware Schneider-electric spacelogic As-b |
|
| References | () https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-04.pdf - Patch, Vendor Advisory |
12 Jun 2024, 17:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-06-12 17:15
Updated : 2024-07-25 20:00
NVD link : CVE-2024-5557
Mitre link : CVE-2024-5557
JSON object : View
Products Affected
schneider-electric
- spacelogic_as-b_firmware
- spacelogic_as-p_firmware
- spacelogic_as-p
- spacelogic_as-b
CWE
CWE-532
Insertion of Sensitive Information into Log File