Vulnerabilities (CVE)

Filtered by vendor Openautomationsoftware Subscribe

Filtered by product Oas Platform

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-26833	1 Openautomationsoftware	1 Oas Platform	2023-07-26	7.5 HIGH	9.8 CRITICAL
An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this vulnerability.
CVE-2022-26082	1 Openautomationsoftware	1 Oas Platform	2023-07-26	7.5 HIGH	9.8 CRITICAL
A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.