Oas Platform@16.00.0112 Security Vulnerabilities and Issues — Oas Platform@16.00.0112 CVE List

Lucene search

OpenautomationsoftwareOas Platform16.00.0112

8 matches found

CVE•added 2022/05/25 9:15 p.m.•680 views

CVE-2022-26833

An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this vulnerabili...

9.4CVSS9.3AI score0.8809EPSS

CVE•added 2022/05/25 9:15 p.m.•86 views

CVE-2022-26082

A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.

9.8CVSS9.7AI score0.02703EPSS

CVE•added 2022/05/25 9:15 p.m.•75 views

CVE-2022-26043

An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of a custom Security Group. An attacker can send a sequence of requests to ...

7.5CVSS7.5AI score0.0037EPSS

CVE•added 2022/05/25 9:15 p.m.•74 views

CVE-2022-27169

An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to a disclosure of sensitive information. An attacker can send a network request to trigger this vulnera...

7.5CVSS7.2AI score0.00565EPSS

CVE•added 2022/05/25 9:15 p.m.•72 views

CVE-2022-26077

A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. A targeted network sniffing attack can lead to a disclosure of sensitive information. An attacker can sniff netwo...

7.5CVSS7.3AI score0.00148EPSS

CVE•added 2022/05/25 9:15 p.m.•70 views

CVE-2022-26026

A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to loss of communications. An attacker can send a network request to trigger this vulnerability.

7.5CVSS7.4AI score0.00378EPSS

CVE•added 2022/05/25 9:15 p.m.•68 views

CVE-2022-26067

An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to arbitrary file read. An attacker can send a sequence of requests to trigger this vulner...

7.5CVSS7.2AI score0.00286EPSS

CVE•added 2022/05/25 9:15 p.m.•59 views

CVE-2022-26303

An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of an OAS user account. An attacker can send a sequence of requests to trigger ...

7.5CVSS7.5AI score0.0039EPSS