The vulnerability of Dream Report and AVEVA Reports for Operations, which are used for generating production reports and analytics, stems from errors in processing the relative path to the catalog. This allows an attacker to execute arbitrary code.

The vulnerability of Dream Report and AVEVA Reports for Operations, which are used for generating production reports and analytics, is related to errors in processing the relative path to the catalog. Exploiting this vulnerability could allow an attacker to execute arbitrary code by loading a...

Ocean Data Systems Dream Report

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Ocean Data Systems Equipment : Dream Report 2023 Vulnerabilities : Path Traversal, Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of these...

PT-2024-8348 · Aveva · Aveva Reports For Operations

Name of the Vulnerable Software and Affected Versions: Dream Report versions affected versions not specified AVEVA Reports for Operations versions affected versions not specified Description: The issue is related to errors in processing relative path to directory, which could allow an attacker to...