CVE-2012-1977

CVE-2012-1977: WellinTech KingSCADA Missing Encryption of Sensitive Data

Vendor Wellintech
Product KingSCADA
Weakness CWE-311 · Missing encryption
Published May 9, 2012
Last update June 26, 2025

CVSS base score

What the vulnerability does

01Description

WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of passwords in user.db, which allows context-dependent attackers to obtain sensitive information by reading this file.

Key dates

02Disclosure timeline

May 9, 2012 CVE published
June 26, 2025 Record updated