CVE-2023-26204

CRITICAL Year: 2023
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-256
View all →

Vulnerability Description

A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions may allow an attacker able to access user DB content to impersonate any admin user on the device GUI.

Related Vulnerabilities

CVE-2017-16714

CRITICAL
CVSS:9.8(Critical)

In Ice Qube Thermal Management Center versions prior to version 4.13, passwords are stored in plaintext in a file that is accessible without authentication.

CWE-2562017

CVE-2017-7913

CRITICAL
CVSS:9.8(Critical)

A Plaintext Storage of a Password issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions, ...

CWE-2562017

CVE-2017-9856

CRITICAL
CVSS:9.8(Critical)

An issue was discovered in SMA Solar Technology products. Sniffed passwords from SMAdata2+ communication can be decrypted very easily. The passwords are "encrypted" using a very simple encryption algo...

CWE-2562017

CVE-2018-7510

CRITICAL
CVSS:9.8(Critical)

In the web application in BeaconMedaes TotalAlert Scroll Medical Air Systems running software versions prior to 4107600010.23, passwords are presented in plaintext in a file that is accessible without...

CWE-2562018

CVE-2018-8851

CRITICAL
CVSS:9.8(Critical)

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices store passwords in plaintext, which may allow ...

CWE-2562018

CVE-2023-42493

CRITICAL
CVSS:9.8(Critical)

EisBaer Scada - CWE-256: Plaintext Storage of a Password

CWE-2562023