First published: Wed Sep 09 2020(Updated: )
A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP8). Insecure storage of sensitive information in the configuration files could allow the retrieval of user names.
Credit: productcert@siemens.com
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens Spectrum Power 4 | <4.70 | |
Siemens Spectrum Power 4 | =4.70 | |
Siemens Spectrum Power 4 | =4.70-sp7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2020-15784 is medium with a CVSS score of 5.3.
The affected software for CVE-2020-15784 is Siemens Spectrum Power 4 (All versions < V4.70 SP8).
CVE-2020-15784 is a vulnerability that involves insecure storage of sensitive information in the configuration files of Siemens Spectrum Power 4, allowing the retrieval of user names.
To fix CVE-2020-15784, it is recommended to update Siemens Spectrum Power 4 to version V4.70 SP8 or higher.
More information about CVE-2020-15784 can be found at this reference: https://cert-portal.siemens.com/productcert/pdf/ssa-568969.pdf