Published on: Not Yet Published
Last Modified on: 02/06/2023 06:38:00 PM UTC
CVE-2023-0356Source: Mitre Source: NIST CVE.ORG Print: PDF
Certain versions of Modulys Gp from Socomec contain the following vulnerability:
SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in threat actors obtaining sensitive information.
- CVE-2023-0356 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.
- Affected Vendor/Software: SOCOMEC - MODULYS GP version = 0
Vulnerability Patch/Work Around
- SOCOMEC has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of the affected product are encouraged to contact SOCOMEC customer support https://www.socomec.com/contact-us_en.html .
CVSS3 Score: 7.5 - HIGH
|SOCOMEC MODULYS GP | CISA|| www.cisa.gov |
There are currently no QIDs associated with this CVE
Exploit/POC from Github
SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, whic…
Known Affected Configurations (CPE V2.3)
No vendor comments have been submitted for this CVE