CVE-2012-1977

Published: May 9, 2012Modified: Apr 29, 2026

7.1

Vector

AV:N/AC:M/Au:N/C:C/I:N/A:N

Exploitability: 8.6 / Impact: 6.9

Source: NVD

Description

WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of passwords in user.db, which allows context-dependent attackers to obtain sensitive information by reading this file.

Affected (1)

Products: Wellintech: Kingview

Wellintech

1 product

Kingview

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Wellintech Kingview	Version 3.0

Related CWEs

CWE-255

CWE-311

Missing Encryption of Sensitive Data

The product does not encrypt sensitive or critical information before storage or transmission.

References (3)

https://www.cisa.gov/news-events/ics-advisories/icsa-12-129-01

Source: ics-cert@hq.dhs.gov

http://dsecrg.com/pages/vul/show.php?id=405

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.us-cert.gov/control_systems/pdf/ICSA-12-129-01.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.