CVE-2019-19869

An issue was discovered in B Industrial Automation APROL before R4.2 V7.08. PVs could be changed unencrypted by using the IosHttp service and the JSON interface...

CVE-2019-19878

B&R Industrial Automation APROL is affected (before R4.2, V7.08). The vulnerability allows an attacker to bypass authentication and access historical data in AprolSqlServer. Root cause is authentication bypass; impact is exposure of historical data. No exploit details or patch information are pro...

CVE-2019-19876

CVE-2019-19876 affects B&R Industrial Automation APROL prior to R4.2 V7.08. The EnMon PHP script is vulnerable to SQL injection, a separate vulnerability from CVE-2019-10006. Connected documents corroborate APROL exposure and identify the vulnerability class as SQL injection in the EnMon PHP comp...

CVE-2019-19874

CVE-2019-19874 affects B&R Industrial Automation APROL before R4.2 V7.08. The Red Hat entries describe an issue where web scripts in the APROL web interface allow injection and execution of arbitrary commands on the web server; the AprolCluster script can be invoked via sudo and run with root pri...

CVE-2019-19872

An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. The AprolLoader could be used to inject and execute arbitrary unintended commands via an unspecified attack scenario, a different vulnerability than CVE-2019-16364...

CVE-2019-19872

CVE-2019-19872 affects B&R Industrial Automation APROL before R4.2 V7.08, where the AprolLoader could be used to inject and execute arbitrary unintended commands under an unspecified attack scenario. The accompanying Red Hat/PRION/NVD records describe related issues in APROL (before R4.2 V7.08) i...

CVE-2019-19869

An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. PVs could be changed unencrypted by using the IosHttp service and the JSON interface...

B&r Automation APROL Authorization Issues Vulnerability

B&r Automation APROL is a Linux-based process control system for industrial control applications from B&r Automation Australia. An authorization issue vulnerability exists in versions prior to B&R Industrial Automation APROL R4.2 V7.08, which can be exploited by an attacker to bypass authenticati...

B&R Industrial Automation APROL Path Traversal Vulnerability

B&r Automation B&r Automation APROL is a Linux-based process control system for industrial control applications from B&r Automation, Australia. A path traversal vulnerability exists in versions prior to B&R Industrial Automation APROL R4.2 V7.08, which can be exploited by an attacker to attack...