5 matches found
CVE-2022-35873
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 b2022030114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
CVE-2022-35871
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 b2022030114. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authenticateAdSso method. The issue results from th...
CVE-2022-35871
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 b2022030114. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authenticateAdSso method. The issue results from th...
CVE-2022-35869
This vulnerability allows remote attackers to bypass authentication on affected installations of Inductive Automation Ignition 8.1.15 b2022030114. Authentication is not required to exploit this vulnerability. The specific flaw exists within com.inductiveautomation.ignition.gateway.web.pages. The...
CVE-2022-35870
CVE-2022-35870 affects Inductive Automation Ignition 8.1.15 (b2022030114). The flaw is deserialization of untrusted data in com.inductiveautomation.metro.impl that can be exploited to execute code with SYSTEM privileges, bypassing authentication. Public disclosures reference ZDI-2022-1017; Red Ha...