← Back

Igss Mobile

igss_mobile

Vendor: Schneider Electric • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2017-9969
1Schneider Electric
1Igss Mobile
Nov 21, 2024
Feb 12, 2018
N/A· v4
6.7 MEDIUM· v3
2.1 LOW· v2
An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application version 3.01 and prior. Passwords are stored in clear text in the configuration which can result in exposure of sensitive inf...Show more
An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application version 3.01 and prior. Passwords are stored in clear text in the configuration which can result in exposure of sensitive information.Show less
CVE-2017-9968
1Schneider Electric
1Igss Mobile
Nov 21, 2024
Feb 12, 2018
N/A· v4
5.9 MEDIUM· v3
4.3 MEDIUM· v2
A security misconfiguration vulnerability exists in Schneider Electric's IGSS Mobile application versions 3.01 and prior in which a lack of certificate pinning during the TLS/SSL connection establishing process can resul...Show more
A security misconfiguration vulnerability exists in Schneider Electric's IGSS Mobile application versions 3.01 and prior in which a lack of certificate pinning during the TLS/SSL connection establishing process can result in a man-in-the-middle attack.Show less