Authentication flaw

2022-01-2119:15:00

PRIOn knowledge base

www.prio-n.com

9.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.1%

JSON

The web application on Agilia Link+ version 3.0 implements authentication and session management mechanisms exclusively on the client-side and does not protect authentication attributes sufficiently.

CPENameOperatorVersion
agilia_connect_firmwareeq<= d25
agilia_partner_maintenance_softwarele3.3.0
link\\+_agilia_firmwarelt3.0
link\\+_agilia_firmwareeq3.0
link\\+_agilia_firmwareeq3.0 d15
vigilant_centeriumeq1.0
vigilant_insighteq1.0
vigilant_mastermedeq1.0

Name	Operator	Version
agilia_connect_firmware	eq	<= d25
agilia_partner_maintenance_software	le	3.3.0
link\\+_agilia_firmware	lt	3.0
link\\+_agilia_firmware	eq	3.0
link\\+_agilia_firmware	eq	3.0 d15
vigilant_centerium	eq	1.0
vigilant_insight	eq	1.0
vigilant_mastermed	eq	1.0

References

www.cisa.gov/uscert/ics/advisories/icsma-21-355-01