Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Desigo Insight Security Vulnerabilities - 2020

cve
cve

CVE-2020-15792

A vulnerability has been identified in Desigo Insight (All versions). The web service does not properly apply input validation for some query parameters in a reserved area. This could allow an authenticated attacker to retrieve data via a content-based blind SQL injection attack.

4.3CVSS

5.1AI Score

0.001EPSS

2020-10-15 07:15 PM
32
3
cve
cve

CVE-2020-15793

A vulnerability has been identified in Desigo Insight (All versions). The device does not properly set the X-Frame-Options HTTP Header which makes it vulnerable to Clickjacking attacks. This could allow an unauthenticated attacker to retrieve or modify data in the context of a legitimate user by tr...

5.4CVSS

5.3AI Score

0.001EPSS

2020-10-15 07:15 PM
32
cve
cve

CVE-2020-15794

A vulnerability has been identified in Desigo Insight (All versions). Some error messages in the web application show the absolute path to the requested resource. This could allow an authenticated attacker to retrieve additional information about the host system.

4.3CVSS

4.3AI Score

0.001EPSS

2020-10-15 07:15 PM
32