Lucene search
K

20 matches found

RedhatCVE
RedhatCVE
added 2025/12/10 2:22 p.m.7 views

CVE-2025-12807

A security issue was discovered in DataMosaix Private Cloud, allowing users with low privilege to perform sensitive database operations through exposed API endpoints...

8.7CVSS6.7AI score0.004EPSS
Exploits0References1
NVD
NVD
added 2025/12/09 4:17 p.m.6 views

CVE-2025-12807

A security issue was discovered in DataMosaix Private Cloud, allowing users with low privilege to perform sensitive database operations through exposed API endpoints...

8.7CVSS0.004EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 1:56 p.m.3 views

CVE-2025-12807 FactoryTalk® DataMosaix™ Private Cloud SQL Injection

A security issue was discovered in DataMosaix Private Cloud, allowing users with low privilege to perform sensitive database operations through exposed API endpoints...

8.7CVSS6.4AI score0.004EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 1:56 p.m.21 views

CVE-2025-12807

DataMosaix Private Cloud (FactoryTalk) is affected by CVE-2025-12807. The vulnerability arises from API endpoints that allow low-privilege users to perform sensitive database operations, indicating an authorization/exposure flaw in the product’s API surface. Reported impact includes the potential...

8.7CVSS6.4AI score0.004EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 1:56 p.m.27 views

CVE-2025-12807 FactoryTalk® DataMosaix™ Private Cloud SQL Injection

A security issue was discovered in DataMosaix Private Cloud, allowing users with low privilege to perform sensitive database operations through exposed API endpoints...

8.7CVSS0.004EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.6 views

PT-2025-49867

CVE-2025-12807 A security issue was discovered in DataMosaix Private Cloud, allowing users with low privilege to perform sensitive database operations through exposed API endpoints. https://t.co/lEhiHUNcHf...

8.7CVSS6.7AI score0.004EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/12 2:3 p.m.13 views

CVE-2025-11085

A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website...

8.6CVSS6.8AI score0.00309EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/12 2:3 p.m.19 views

CVE-2025-11084

A security issue exists within DataMosaix™ Private Cloud, allowing attackers to bypass MFA during setup and obtain a valid login-token cookie without knowing the users password. This vulnerability occurs when MFA is enabled but not completed within a 7-day period...

7.6CVSS6.6AI score0.0013EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/11 3:31 p.m.4 views

EUVD-2025-84347

A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website...

8.6CVSS6.3AI score0.00309EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/11 3:31 p.m.6 views

EUVD-2025-84346

A security issue exists within DataMosaix™ Private Cloud, allowing attackers to bypass MFA during setup and obtain a valid login-token cookie without knowing the users password. This vulnerability occurs when MFA is enabled but not completed within a 7-day period...

7.6CVSS6.1AI score0.0013EPSS
Exploits0References2
NVD
NVD
added 2025/11/11 2:15 p.m.8 views

CVE-2025-11085

A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website...

8.6CVSS0.00309EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/11 1:35 p.m.9 views

CVE-2025-11085 FactoryTalk® DataMosaix™ Private Cloud – Persistent XSS

A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website...

8.6CVSS0.00309EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.5 views

PT-2025-46338

A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website...

8.6CVSS6.8AI score0.00309EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.5 views

PT-2025-46337

A security issue exists within DataMosaix™ Private Cloud, allowing attackers to bypass MFA during setup and obtain a valid login-token cookie without knowing the users password. This vulnerability occurs when MFA is enabled but not completed within a 7-day period...

7.6CVSS6.6AI score0.0013EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/28 3:16 p.m.11 views

CVE-2025-0659 Path Traversal and Rockwell Automation Third-party Vulnerability in DataMosaix™ Private Cloud

A path traversal vulnerability exists in the Rockwell Automation DataEdge Platform DataMosaix Private Cloud. By specifying the character sequence in the body of the vulnerable endpoint, it is possible to overwrite files outside of the intended directory. A threat actor with admin privileges could...

7CVSS0.00376EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/28 3:16 p.m.4 views

CVE-2025-0659 Path Traversal and Rockwell Automation Third-party Vulnerability in DataMosaix™ Private Cloud

A path traversal vulnerability exists in the Rockwell Automation DataEdge Platform DataMosaix Private Cloud. By specifying the character sequence in the body of the vulnerable endpoint, it is possible to overwrite files outside of the intended directory. A threat actor with admin privileges could...

7CVSS6.4AI score0.00376EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/28 12:0 a.m.4 views

PT-2025-3997 · Rockwell Automation · Dataedge Platform Datamosaix Private Cloud

Name of the Vulnerable Software and Affected Versions: Rockwell Automation DataEdge Platform DataMosaix Private Cloud affected versions not specified Description: A path traversal issue exists, allowing files to be overwritten outside the intended directory by specifying a character sequence in t...

7CVSS6.5AI score0.00376EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/01/28 12:0 a.m.2 views

Rockwell Automation DataEdge Platform DataMosaix Private Cloud 安全漏洞

Rockwell Automation DataEdge Platform DataMosaix Private Cloud is an industrial data platform from Rockwell Automation USA designed to help organizations enable smart manufacturing, Internet of Things IoT and industrial data integration. Rockwell Automation DataEdge Platform DataMosaix Private...

7CVSS6.7AI score0.00376EPSS
Exploits0References1
ICS
ICS
added 2024/10/10 6:0 a.m.14 views

Rockwell Automation DataMosaix Private Cloud

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : DataMosaix Private Cloud Vulnerabilities : Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization, Incorrect Authorization 2. RISK...

7.8AI score
Exploits0References10
ICS
ICS
added 2024/08/13 6:0 a.m.21 views

Rockwell Automation DataMosaix Private Cloud

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : DataMosaix Private Cloud Vulnerability : Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

8.6CVSS6.5AI score0.00378EPSS
Exploits0References10
Rows per page
Query Builder