Ignition Gateway Security Vulnerabilities and Issues — Ignition Gateway CVE List

Lucene search

InductiveautomationIgnition Gateway

5 matches found

CVE•added 2020/06/09 6:15 p.m.•90 views

CVE-2020-12004

The affected product lacks proper authentication required to query the server on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway (versions prior to 7.9.14), allowing an attacker to obtain sensitive information.

7.5CVSS7.5AI score0.20359EPSS

CVE•added 2020/06/09 6:15 p.m.•89 views

CVE-2020-10644

The affected product lacks proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway (versions prior to 7.9.14), allowing an attacker to obtain sensitive information.

7.5CVSS7.4AI score0.20891EPSS

CVE•added 2020/04/28 7:15 p.m.•50 views

CVE-2020-10641

An unprotected logging route may allow an attacker to write endless log statements into the database without space limits or authentication. This results in consuming the entire available hard-disk space on the Ignition 8 Gateway (versions prior to 8.0.10), causing a denial-of-service condition.

7.5CVSS7.4AI score0.00251EPSS

CVE•added 2020/06/09 6:15 p.m.•46 views

CVE-2020-12000

The affected product is vulnerable to the handling of serialized data. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway (versions prior to 7.9...

7.5CVSS7.5AI score0.00399EPSS

CVE•added 2020/07/31 1:15 p.m.•34 views

CVE-2020-14520

The affected product is vulnerable to an information leak, which may allow an attacker to obtain sensitive information on the Ignition 8 (all versions prior to 8.0.13).

7.5CVSS7.2AI score0.00216EPSS