Ignition@8.1.0 Security Vulnerabilities and Issues — Ignition@8.1.0 CVE List

Lucene search

InductiveautomationIgnition8.1.0

14 matches found

CVE•added 2024/05/03 3:15 a.m.•62 views

CVE-2023-39472

Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vuln...

6.5CVSS6.2AI score0.00534EPSS

CVE•added 2024/05/03 3:16 a.m.•58 views

CVE-2023-50218

Inductive Automation Ignition ModuleInvoke Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability...

8.8CVSS9AI score0.49274EPSS

CVE•added 2024/05/03 3:15 a.m.•53 views

CVE-2023-39473

Inductive Automation Ignition AbstractGatewayFunction Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vu...

8.8CVSS9.1AI score0.28593EPSS

CVE•added 2024/05/03 3:16 a.m.•53 views

CVE-2023-50221

Inductive Automation Ignition ResponseParser SerializedResponse Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exp...

8.8CVSS8.9AI score0.0231EPSS

CVE•added 2024/05/03 3:16 a.m.•50 views

CVE-2023-50220

Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerabilit...

8.8CVSS7.5AI score0.05339EPSS

CVE•added 2024/05/03 3:16 a.m.•50 views

CVE-2023-50232

Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the tar...

8.8CVSS9AI score0.02187EPSS

CVE•added 2024/05/03 3:16 a.m.•49 views

CVE-2023-50222

Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit t...

8.8CVSS8.9AI score0.02378EPSS

CVE•added 2024/05/03 3:16 a.m.•48 views

CVE-2023-50233

Inductive Automation Ignition getJavaExecutable Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in tha...

8.8CVSS8.9AI score0.03655EPSS

CVE•added 2024/05/03 3:15 a.m.•46 views

CVE-2023-39477

Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this vulnerabi...

7.5CVSS7.5AI score0.00494EPSS

CVE•added 2024/05/03 3:16 a.m.•46 views

CVE-2023-50223

Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vuln...

8.8CVSS9AI score0.49274EPSS

CVE•added 2024/05/03 3:16 a.m.•45 views

CVE-2023-50219

Inductive Automation Ignition RunQuery Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability. Th...

8.8CVSS9AI score0.06764EPSS

CVE•added 2024/05/03 3:15 a.m.•44 views

CVE-2023-39474

Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target m...

8.8CVSS8.2AI score0.00776EPSS

CVE•added 2024/05/03 3:15 a.m.•42 views

CVE-2023-39475

Inductive Automation Ignition ParameterVersionJavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is not required...

9.8CVSS9.8AI score0.01735EPSS

CVE•added 2024/05/03 3:15 a.m.•42 views

CVE-2023-39476

Inductive Automation Ignition JavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this...

9.8CVSS9.8AI score0.01735EPSS