In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected.
References
Configurations
Configuration 1 (hide)
|
History
09 May 2023, 13:15
Type | Values Removed | Values Added |
---|---|---|
Summary | In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected. |
07 Jul 2022, 13:40
Type | Values Removed | Values Added |
---|---|---|
First Time |
Codesys development System
Codesys sp Realtime Nt Codesys web Server Codesys plcwinnt Codesys runtime Toolkit Codesys Codesys edge Gateway Codesys opc Server Codesys gateway Codesys plchandler Codesys hmi Sl |
|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 7.5 |
CPE | cpe:2.3:a:codesys:plchandler:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:opc_server:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:web_server:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:edge_gateway:*:*:*:*:*:windows:*:* cpe:2.3:a:codesys:plcwinnt:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:runtime_toolkit:*:*:*:*:*:*:x86:* cpe:2.3:a:codesys:hmi_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:gateway:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:sp_realtime_nt:*:*:*:*:*:*:*:* |
|
References | (CONFIRM) https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17140&token=6aa2c5c4a8b83b8b09936fefed5b0b11f9d2cc6c&download= - Vendor Advisory |
24 Jun 2022, 08:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-06-24 08:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-31805
Mitre link : CVE-2022-31805
CVE.ORG link : CVE-2022-31805
JSON object : View
Products Affected
codesys
- runtime_toolkit
- development_system
- gateway
- web_server
- hmi_sl
- edge_gateway
- opc_server
- sp_realtime_nt
- plchandler
- plcwinnt
CWE
CWE-523
Unprotected Transport of Credentials