5 matches found
CVE-2020-14520
The affected product is vulnerable to an information leak, which may allow an attacker to obtain sensitive information on the Ignition 8 all versions prior to 8.0.13...
CVE-2020-14520
The affected product is vulnerable to an information leak, which may allow an attacker to obtain sensitive information on the Ignition 8 all versions prior to 8.0.13...
CVE-2020-14520
The affected product is vulnerable to an information leak, which may allow an attacker to obtain sensitive information on the Ignition 8 all versions prior to 8.0.13...
CVE-2020-14520
CVE-2020-14520 affects Inductive Automation Ignition 8 (all versions prior to 8.0.13). The reported vulnerability is missing authorization via an unprotected API, enabling information disclosure by issuing an HTTP request to determine if a given filesystem path exists. The ICS-CERT advisory cites...
Inductive Automation Ignition 8
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Inductive Automation Equipment: Ignition 8 Vulnerability: Missing Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain access to sensitive...