Skip to main content

Credentials Management Errors

CVE-2009-0216

Severity High
Score 10/10

Summary

GE Fanuc iFIX 5.0 and earlier relies on client-side authentication involving a weakly encrypted local password file, which allows remote attackers to bypass intended access restrictions and start privileged server login sessions by recovering a password or by using a modified program module.

  • LOW
  • NETWORK
  • NONE
  • COMPLETE
  • COMPLETE
  • COMPLETE

CWE-255 - Credentials Management Errors

Weaknesses in this category are related to the management of credentials.

References

Advisory Timeline

  • Published