This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Schneider-Electric First view 2015-01-27
Product etg3000 Factorycast Hmi Gateway Firmware Last view 2015-01-27
Version Type Os
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:o:schneider-electric:etg3000_factorycast_hmi_gateway_firmware:1.60.2:*:*:*:*:*:*:* 2
cpe:2.3:o:schneider-electric:etg3000_factorycast_hmi_gateway_firmware:1.60.4:*:*:*:*:*:*:* 1

Related : CVE

  Date Alert Description
10 2015-01-27 CVE-2014-9198

The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an FTP session.

7.8 2015-01-27 CVE-2014-9197

The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde.jar under the web root with insufficient access control, which allows remote attackers to obtain sensitive setup and configuration information via a direct request.

CWE : Common Weakness Enumeration

%idName
50% (1) CWE-284 Access Control (Authorization) Issues
50% (1) CWE-255 Credentials Management