ByteOS Network

NVD Vulnerability Details :

CVE-2014-2381

Modified

Source-ics-cert@hq.dhs.gov

Published At-28 Aug, 2014 | 01:55

Updated At-06 May, 2026 | 22:30

Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	2.0	2.1	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:N
Primary	2.0	2.1	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:N

Type: Secondary

Version: 2.0

Base score: 2.1

Base severity: LOW

Vector:

AV:L/AC:L/Au:N/C:P/I:N/A:N

Type: Primary

Version: 2.0

Base score: 2.1

Base severity: LOW

Vector:

AV:L/AC:L/Au:N/C:P/I:N/A:N

CPE Matches

Weaknesses

CWE ID	Type	Source
CWE-326	Secondary	ics-cert@hq.dhs.gov
NVD-CWE-Other	Secondary	nvd@nist.gov

CWE ID: CWE-326

Type: Secondary

Source: ics-cert@hq.dhs.gov

CWE ID: NVD-CWE-Other

Type: Secondary

Source: nvd@nist.gov

Evaluator Description

CWE-326: Inadequate Encryption Strength

References

Hyperlink	Source	Resource
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2014/icsa-14-238-02.json	ics-cert@hq.dhs.gov	N/A
https://www.cisa.gov/news-events/ics-advisories/icsa-14-238-02	ics-cert@hq.dhs.gov	N/A
https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02	af854a3a-2127-422b-91ae-364da2661108	US Government Resource

Hyperlink: https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2014/icsa-14-238-02.json

Source: ics-cert@hq.dhs.gov

Resource: N/A

Hyperlink: https://www.cisa.gov/news-events/ics-advisories/icsa-14-238-02

Source: ics-cert@hq.dhs.gov

Resource: N/A

Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

US Government Resource

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History