Cleartext Storage of Sensitive Information in Memory

CVE-2022-0835

High

8.1/10

Summary

AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to an attacker or a low-privileged user.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: CHANGED
User Interaction: REQUIRED
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: LOW

CWE-316 - Cleartext Storage of Sensitive Information in Memory

The application stores sensitive information in cleartext in memory.

References

Advisory Timeline

Published Apr 11, 2022