CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-26476
https://notcve.org/view.php?id=CVE-2022-26476
A vulnerability has been identified in Spectrum Power 4 (All versions using Shared HIS), Spectrum Power 7 (All versions using Shared HIS), Spectrum Power MGMS (All versions using Shared HIS). An unauthenticated attacker could log into the component Shared HIS used in Spectrum Power systems by using an account with default credentials. A successful exploitation could allow the attacker to access the component Shared HIS with administrative privileges. Se ha identificado una vulnerabilidad en Spectrum Power 4 (Todas las versiones que usan HIS compartido), Spectrum Power 7 (Todas las versiones que usan HIS compartido), Spectrum Power MGMS (Todas las versiones que usan HIS compartido). Un atacante no autenticado podría entrar en el componente Shared HIS usado en los sistemas Spectrum Power usando una cuenta con credenciales por defecto. • https://cert-portal.siemens.com/productcert/pdf/ssa-388239.pdf • CWE-798: Use of Hard-coded Credentials •