Lucene search
HistoryApr 03, 2015 - 10:59 a.m.
CVE-2015-0993
cve-2015-0993
inductive automation
ignition 7.7.2
session termination
logout action
access restrictions
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
9.1 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
61.5%
Inductive Automation Ignition 7.7.2 does not terminate a session upon a logout action, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.
Affected configurations
Node
inductiveautomationignitionMatch7.7.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| inductiveautomation:ignition | inductiveautomation ignition | eq | 7.7.2 |
Related
cvelist
cvelist
CVE-2015-0993
2015-04-03 10:00:00
nvd
nvd
CVE-2015-0993
2015-04-03 10:59:15
prion
prion
Design/Logic Flaw
2015-04-03 10:59:00
nessus
nessus
Inductive Automation Ignition Multiple Vulnerabilities
2015-06-02 00:00:00
kaspersky
kaspersky
KLA10535 Multiple vulnerabilities in Inductive Automation Ignition
2015-04-03 00:00:00
openvas
openvas
Inductive Automation Ignition < 7.7.4 Multiple Vulnerabilities
2015-04-11 00:00:00
ics
ics
Inductive Automation Ignition Vulnerabilities
2018-08-27 12:00:00
googleprojectzero
googleprojectzero
DΓ©jΓ vu-lnerability
2021-02-03 00:00:00
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
9.1 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
61.5%
Related for CVE-2015-0993