What is the severity of CVE-2008-0174?

CVE-2008-0174 is considered a critical vulnerability due to its potential for remote exploitation and unauthorized access to sensitive information.

How do I fix CVE-2008-0174?

To mitigate CVE-2008-0174, update to a version of GE Fanuc Proficy Real-Time Information Portal later than 2.6 that does not rely on HTTP Basic Authentication.

What systems are affected by CVE-2008-0174?

CVE-2008-0174 affects all versions of GE Fanuc Proficy Real-Time Information Portal up to and including version 2.6.

What impact does CVE-2008-0174 have on users?

CVE-2008-0174 allows attackers to intercept usernames and passwords transmitted in cleartext, potentially leading to unauthorized access.

Is CVE-2008-0174 still a concern in modern systems?

While CVE-2008-0174 primarily affects older software versions, any system using legacy HTTP Basic Authentication is still at risk and should be reviewed.

Vulnerability/
CVE-2008-0174

critical

9.8

CWE

310 312

29/1/2008

7/8/2024

CVE-2008-0174

First published: Tue Jan 29 2008(Updated: )

GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the passwords and gain privileges.

Credit: cret@cert.org

Affected Software	Affected Version	How to fix
GE Proficy Real-Time Information Portal	<=2.6
GE Proficy Real-Time Information Portal	<=2.6

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-0174?
CVE-2008-0174 is considered a critical vulnerability due to its potential for remote exploitation and unauthorized access to sensitive information.
How do I fix CVE-2008-0174?
To mitigate CVE-2008-0174, update to a version of GE Fanuc Proficy Real-Time Information Portal later than 2.6 that does not rely on HTTP Basic Authentication.
What systems are affected by CVE-2008-0174?
CVE-2008-0174 affects all versions of GE Fanuc Proficy Real-Time Information Portal up to and including version 2.6.
What impact does CVE-2008-0174 have on users?
CVE-2008-0174 allows attackers to intercept usernames and passwords transmitted in cleartext, potentially leading to unauthorized access.
Is CVE-2008-0174 still a concern in modern systems?
While CVE-2008-0174 primarily affects older software versions, any system using legacy HTTP Basic Authentication is still at risk and should be reviewed.

agent/type
agent/author
agent/references
agent/severity
agent/weakness
agent/description
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/first-publish-date
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
collector/nvd-api
source/NVD
agent/software-canonical-lookup
vendor/ge fanuc
canonical/ge proficy real-time information portal
version/ge proficy real-time information portal/2.6
vendor/ge

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.