2 matches found
CVE-2021-38431
CVE-2021-38431 affects Advantech WebAccess SCADA (WebAccess/SCADA) versions 9.0.3 and earlier. An authenticated user can use API functions to disclose project names and paths from other users due to a missing authorization issue (CWE-862). The CVSS v3 base score is 4.3 (Network, Low attack comple...
Advantech WebAccess SCADA
1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess SCADA Vulnerability: Missing Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access project names and paths. 3...