RSS   Podatności dla 'Ignition gateway'   RSS

2020-06-09
 
CVE-2020-12004

CWE-306
 

 
The affected product lacks proper authentication required to query the server on the Ignition 8 Gateway (versions prior to 8.0.10), allowing an attacker to obtain sensitive information.

 
 
CVE-2020-12000

CWE-502
 

 
The affected product is vulnerable to the handling of serialized data. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway (versions prior to 8.0.10), allowing an attacker to obtain sensitive information.

 
 
CVE-2020-10644

CWE-502
 

 
The affected product lacks proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway (versions prior to 8.0.10), allowing an attacker to obtain sensitive information.

 
2020-04-28
 
CVE-2020-10641

CWE-400
 

 
An unprotected logging route may allow an attacker to write endless log statements into the database without space limits or authentication. This results in consuming the entire available hard-disk space on the Ignition 8 Gateway (versions prior to 8.0.10), causing a denial-of-service condition.

 

 >>> Vendor: Inductiveautomation 2 Produkty
Ignition
Ignition gateway


Copyright 2024, cxsecurity.com

 

Back to Top