Lucene search
K

169 matches found

Positive Technologies
Positive Technologies
added 2022/05/25 12:0 a.m.6 views

PT-2022-17648 · Open Automation · Open Automation Software Oas Platform

Name of the Vulnerable Software and Affected Versions: Open Automation Software OAS Platform version 16.00.0112 Description: An information disclosure issue exists in the OAS Engine SecureTransferFiles functionality. A specially-crafted series of network requests can lead to arbitrary file read. ...

7.5CVSS7.2AI score0.01221EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/05/25 12:0 a.m.5 views

Open Automation Software OAS Platform 安全漏洞

Open Automation Software OAS Platform is an industrial Internet of Things IoT suite from Open Automation Software, Inc. Open Automation Software OAS Platform version V16.00.0112 is vulnerable to information disclosure and can be exploited by attackers to obtain sensitive information via targeted...

7.5CVSS5.5AI score0.01093EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/05/25 12:0 a.m.5 views

PT-2022-3463 · Open Automation · Open Automation Software Oas Platform

Name of the Vulnerable Software and Affected Versions: Open Automation Software OAS Platform version V16.00.0112 Description: The issue concerns the OAS Engine SecureAddSecurity functionality, where a lack of authentication check for a critical function can be exploited. An attacker can send a...

7.8CVSS7.5AI score0.01208EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/05/25 12:0 a.m.6 views

PT-2022-17638 · Open Automation · Open Automation Software Oas Platform

Name of the Vulnerable Software and Affected Versions: Open Automation Software OAS Platform version 16.00.0112 Description: A denial of service issue exists in the OAS Engine SecureConfigValues functionality. It can be triggered by a specially-crafted network request, leading to a loss of...

7.5CVSS7.3AI score0.0114EPSS
Exploits1References2
Talos
Talos
added 2022/05/25 12:0 a.m.30 views

Open Automation Software Platform Engine SecureBrowseFile information disclosure vulnerability

Summary An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to a disclosure of sensitive information. An attacker can send a network request to trigger th...

7.5CVSS7.6AI score0.01641EPSS
Exploits1
CNNVD
CNNVD
added 2022/05/25 12:0 a.m.5 views

Open Automation Software OAS Platform 访问控制错误漏洞

Open Automation Software OAS Platform is an industrial Internet of Things IoT suite from Open Automation Software, Inc. Open Automation Software OAS Platform V16.00.0112 contains a file-writing vulnerability that can be exploited by attackers to cause remote code execution with specially crafted...

9.8CVSS6.5AI score0.18607EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/05/25 12:0 a.m.4 views

Open Automation Software OAS Platform 访问控制错误漏洞

Open Automation Software OAS Platform is an industrial Internet of Things IoT suite from Open Automation Software, Inc. Open Automation Software OAS Platform V16.00.0121 is vulnerable to an access control error that could be exploited by an attacker to make unauthenticated use of the REST API wit...

9.4CVSS5.6AI score0.37606EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2022/05/25 12:0 a.m.4 views

CVE-2022-26833

An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this...

9.4CVSS5.9AI score0.37606EPSS
Exploits1References3Affected Software1
Talos
Talos
added 2022/05/25 12:0 a.m.35 views

Open Automation Software Platform Engine cleartext transmission of sensitive information vulnerability

Summary A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. A targeted network sniffing attack can lead to a disclosure of sensitive information. An attacker can...

7.5CVSS7.8AI score0.01093EPSS
Exploits1
Talos
Talos
added 2022/05/25 12:0 a.m.75 views

Open Automation Software Platform Engine SecureTransferFiles file write vulnerability

Summary A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this...

9.8CVSS10AI score0.18607EPSS
Exploits1
CNNVD
CNNVD
added 2022/05/25 12:0 a.m.7 views

Open Automation Software OAS Platform 访问控制错误漏洞

Open Automation Software OAS Platform is an industrial Internet of Things IoT suite from Open Automation Software, Inc. An information disclosure vulnerability exists in Open Automation Software OAS Platform version V16.00.0112, which stems from an information disclosure issue in the OAS Engine...

7.5CVSS5.8AI score0.01221EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/05/25 12:0 a.m.6 views

Open Automation Software OAS Platform 访问控制错误漏洞

Open Automation Software OAS Platform is an industrial Internet of Things IoT suite from Open Automation Software, Inc. A denial-of-service vulnerability exists in Open Automation Software OAS Platform, which can be exploited by attackers to cause a loss of communication with the help of speciall...

7.5CVSS5.6AI score0.0114EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/05/25 12:0 a.m.5 views

PT-2022-2739 · Open Automation · Open Automation Software Oas Platform

Name of the Vulnerable Software and Affected Versions: Open Automation Software OAS Platform version V16.00.0112 Description: A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality, allowing remote code execution through a specially-crafted series of network request...

9.8CVSS10AI score0.18607EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/05/25 12:0 a.m.3 views

Open Automation Software OAS Platform 访问控制错误漏洞

Open Automation Software OAS Platform is an industrial Internet of Things IoT suite from Open Automation Software, Inc. Open Automation Software OAS Platform V16.00.0112 contains an information disclosure vulnerability that could be exploited by attackers to compromise sensitive information...

7.5CVSS5.5AI score0.01641EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/05/25 12:0 a.m.4 views

PT-2022-18264 · Open Automation · Open Automation Software Oas Platform

Name of the Vulnerable Software and Affected Versions: Open Automation Software OAS Platform version 16.00.0112 Description: An information disclosure issue exists in the OAS Engine SecureBrowseFile functionality. A specially-crafted network request can lead to a disclosure of sensitive...

7.5CVSS7.2AI score0.01641EPSS
Exploits1References3
Talos
Talos
added 2022/05/25 12:0 a.m.67 views

Open Automation Software OAS Platform REST API unauthenticated vulnerability

Summary An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this...

9.4CVSS9.3AI score0.37606EPSS
Exploits1
CNNVD
CNNVD
added 2022/05/25 12:0 a.m.5 views

Open Automation Software OAS Platform 访问控制错误漏洞

Open Automation Software OAS Platform is an industrial Internet of Things IoT suite from Open Automation Software, Inc. Open Automation Software OAS Platform V16.00.0112 is vulnerable to an access control error that could be exploited to create OAS user accounts with specially crafted network...

7.5CVSS5.5AI score0.01208EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/05/25 12:0 a.m.17 views

PT-2022-17655 · Open Automation · Open Automation Software Oas Platform

Name of the Vulnerable Software and Affected Versions: Open Automation Software OAS Platform version 16.00.0112 Description: A cleartext transmission of sensitive information issue exists in the OAS Engine configuration communications functionality. This can be exploited through a targeted networ...

7.5CVSS7.2AI score0.01093EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/05/25 12:0 a.m.1 views

PT-2022-2740 · Open Automation · Open Automation Software Oas Platform

Name of the Vulnerable Software and Affected Versions: Open Automation Software OAS Platform version 16.00.0121 Description: The issue is related to an improper authentication vulnerability in the REST API functionality. This vulnerability can be triggered by a specially-crafted series of HTTP...

9.7CVSS9.3AI score0.37606EPSS
Exploits1References6
NVD
NVD
added 2015/12/23 3:59 a.m.12 views

CVE-2015-7917

Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory...

7.2CVSS7AI score0.00392EPSS
Exploits0References2
Rows per page
Query Builder