RSS   Vulnerabilities for 'Aurora vision'   RSS

2021-11-03
 
CVE-2021-33210

CWE-287
 

 
An issue was discovered in Fimer Aurora Vision before 2.97.10. An attacker can (in the WebUI) obtain plant information without authentication by reading the response of APIs from a kiosk view of a plant.

 
 
CVE-2021-33209

CWE-307
 

 
An issue was discovered in Fimer Aurora Vision before 2.97.10. The response to a failed login attempt discloses whether the username or password is wrong, helping an attacker to enumerate usernames. This can make a brute-force attack easier.

 


Copyright 2024, cxsecurity.com

 

Back to Top