The affected product lacks proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway (versions prior to 7.9.14), allowing an attacker to obtain sensitive information.
CPE | Name | Operator | Version |
---|---|---|---|
ignition_gateway | ge | 8.0 | |
ignition_gateway | lt | 8.0.10 | |
ignition_gateway | ge | 7.2.4.48 | |
ignition_gateway | lt | 7.9.14 |