Lucene search
+L
SoftingSecure Integration Server

4 matches found

CVE
CVE
added 2024/05/03 2:10 a.m.62 views

CVE-2023-39481

CVE-2023-39481 affects Softing Secure Integration Server. The root cause is an inconsistency in URI parsing between NGINX and the application web server, enabling an attacker to execute arbitrary code in the root context. The vulnerability is described as remote code execution and is noted to all...

8.8CVSS7AI score0.01252EPSS
CVE
CVE
added 2024/05/03 2:10 a.m.56 views

CVE-2023-39478

The CVE-2023-39478 issue affects Softing Secure Integration Server. Affected component is the OPC FileDirectory namespace handling, where lack of proper validation of user-supplied data when creating a server object can enable remote code execution in the root context. Attackers can exploit this ...

8.8CVSS6.9AI score0.01252EPSS
CVE
CVE
added 2024/05/03 1:59 a.m.54 views

CVE-2023-38125

CVE-2023-38125 affects Softing edgeAggregator. The root cause is a misconfigured web server that lacks appropriate Content Security Policy headers, enabling a permissive cross-domain policy with untrusted domains. This can allow remote attackers to trigger remote code execution in the context of ...

8.8CVSS8AI score0.01063EPSS
CVE
CVE
added 2024/05/03 2:10 a.m.54 views

CVE-2023-39479

Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability (CVE-2023-39479) affects the OPC UA Gateway handling of FileDirectory OPC UA Objects. The flaw allows remote attackers, bypassing authentication, to create directories by accessing the filesystem, potentially enabli...

8.8CVSS6.7AI score0.01252EPSS