GE Proficy Real-Time Information Portal Information Disclosure Vulnerabilities

CVSS 5.0 MEDIUM

CVEs (2)

CVE-2013-0651 CVE-2013-0652

To mitigate these information disclosure vulnerabilities, GE recommends making the following configuration changes: Disable “Anonymous Authentication” and “Windows Authentication.” Require authentication for all Portal users. Configure an SSL certificate to encrypt Portal application traffic.
Please see GE Intelligent Platforms Product Security Advisory GEIP12-14 and GEIP12-15 for detailed instructions.

GE · Proficy Real-Time Information Portal vers:all/*

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.