← Volver a CVEs
CVE-2026-1693
HIGH7.5
Descripcion
The OAuth grant type Resource Owner Password Credentials (ROPC) flow is still used by the werbservices used by the WebVue, WebScheduler, TouchVue and Snapvue features of PcVue in version 12.0.0 through 16.3.3 included despite being deprecated. It might allow a remote attacker to steal user credentials.
Detalles CVE
Puntuacion CVSS v3.17.5
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado2/26/2026
Ultima modificacion3/12/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
arcinformatique:pcvue
Debilidades (CWE)
CWE-477CWE-1390
Referencias
https://www.pcvue.com/security/#SB2026-2(87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.