Lucene search
K
OpenautomationsoftwareOpen Automation Software

5 matches found

CVE
CVE
added 2024/04/03 1:55 p.m.80 views

CVE-2024-24976

CVE-2024-24976 affects Open Automation Software OAS Platform, specifically the OAS Engine File Data Source Configuration in v19.00.0057. Talos reports a denial-of-service condition caused by improper handling of a File Data Source Path, where a crafted sequence of network requests can trigger an ...

4.9CVSS7.7AI score0.00901EPSS
CVE
CVE
added 2024/04/03 1:55 p.m.78 views

CVE-2024-21870

CVE-2024-21870 affects Open Automation Software OAS Platform V19.00.0057. Talos reports a file write vulnerability in the OAS Engine Tags Configuration: a sequence of authenticated requests can create or overwrite arbitrary files via the File Data Source/Tag configuration path, potentially leadin...

4.9CVSS8AI score0.00662EPSS
CVE
CVE
added 2024/04/03 1:55 p.m.70 views

CVE-2024-27201

Open Automation Software OAS Platform, version V19.00.0057, contains CVE-2024-27201: an improper input validation in the OAS Engine User Configuration allows a sequence of network requests to cause unexpected data in the configuration (e.g., decoy usernames with unusual characters). Talos confirm...

4.9CVSS5.8AI score0.00662EPSS
CVE
CVE
added 2024/04/03 1:55 p.m.64 views

CVE-2024-22178

Open Automation Software OAS Platform (V19.00.0057) has a file-write vulnerability in the OAS Engine Save Security Configuration feature. A crafted sequence of network requests can create or overwrite arbitrary files. TALOS confirms CVE-2024-22178 (CWE-73) affects OAS Platform V19.00.0057; impact...

4.9CVSS6AI score0.00662EPSS
CVE
CVE
added 2024/12/06 5:45 p.m.63 views

CVE-2024-11220

CVE-2024-11220 affects Open Automation Software (OAS). A local, low-privilege user with credentials to the running OAS services can create and run an rdlx report file on the server , causing code in the rdlx to execute with SYSTEM privileges and perform privilege escalation. Reported impact align...

8.5CVSS7.7AI score0.00152EPSS