This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.
The WellinTech KingSCADA server installed on the remote host is
affected by an authentication credential disclosure vulnerability.
The WellinTech KingSCADA server installed on the remote host is a
version prior to 184.108.40.206-EN. It is, therefore, affected by a
vulnerability in the KAEClientManager console that allows a remote
attacker to authenticate locally on the device rather than on the
server, thus bypassing intended access restrictions. The attacker,
by sending a crafted packet to TCP port 8130, can then gain access to
authentication credential information.
See also :
Upgrade KingSCADA to version 220.127.116.11-EN.
Risk factor :
Medium / CVSS Base Score : 6.4