Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-29447


An insufficiently protected credentials vulnerability in KEPServerEX could allow an adversary to capture user credentials as the web server uses basic authentication.


Published

2024-01-10T21:15:08.790

Last Modified

2024-11-21T07:57:04.600

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.7 (MEDIUM)

Weaknesses
  • Type: Secondary
    CWE-522
  • Type: Primary
    CWE-522

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application ptc kepware_kepserverex ≤ 6.14.263.0 Yes
Application ptc thingworx_kepware_server ≤ 6.14.263.0 Yes
Application ptc thingworx_industrial_connectivity ≤ 8.5 Yes

References