Lucene search
K

5 matches found

Prion
Prion
added 2017/02/13 9:59 p.m.15 views

Session fixation

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. An attacker can establish a new user session, without invalidating any existing session identifier, which gives the opportunity to steal authenticated session...

6.5CVSS6.5AI score0.01102EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/02/13 9:0 p.m.20 views

CVE-2017-5139

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Any user is able to disclose a password by accessing a specific URL, because of Plaintext Storage of a Password...

9.5AI score0.01744EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/02/13 9:0 p.m.19 views

CVE-2017-5141

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. An attacker can establish a new user session, without invalidating any existing session identifier, which gives the opportunity to steal authenticated session...

6.6AI score0.01102EPSS
Exploits0References2
CNVD
CNVD
added 2017/02/05 12:0 a.m.3 views

Honeywell XL Web II Controller Session Fixation Vulnerability

Honeywell XL Web Controller is a web-based SCADA system. A session fixation vulnerability exists in Honeywell XL Web II Controller, which can be exploited by an attacker to establish a new user session and steal authenticated sessions...

6.5CVSS6.8AI score0.01102EPSS
Exploits0References1
CNVD
CNVD
added 2017/02/05 12:0 a.m.4 views

Honeywell XL Web II Controller plaintext stored password vulnerability (CNVD-2017-00914)

Honeywell XL Web Controller is a web-based SCADA system. A plaintext stored password vulnerability exists in Honeywell XL Web II Controller, which can be exploited by an attacker to obtain a user's password...

9.8CVSS6.9AI score0.01744EPSS
Exploits0References1
Rows per page
Query Builder