CVE-2020-10609
EUVD-2020-305727.07.2020, 19:15
Grundfos CIM 500 v06.16.00 stores plaintext credentials, which may allow sensitive information to be read or allow modification to system settings by someone with access to the device.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| grundfos | cim_500 | 06.16.00 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-256 - Plaintext Storage of a PasswordStoring a password in plaintext may result in a system compromise.
- CWE-522 - Insufficiently Protected CredentialsThe product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.