Filtered by vendor Openautomationsoftware
Subscribe
Search
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-27169 | 1 Openautomationsoftware | 1 Oas Platform | 2023-07-26 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to a disclosure of sensitive information. An attacker can send a network request to trigger this vulnerability. | |||||
| CVE-2022-26077 | 1 Openautomationsoftware | 1 Oas Platform | 2023-07-26 | 5.0 MEDIUM | 7.5 HIGH |
| A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. A targeted network sniffing attack can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability. | |||||
| CVE-2022-26026 | 1 Openautomationsoftware | 1 Oas Platform | 2023-07-26 | 5.0 MEDIUM | 7.5 HIGH |
| A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to loss of communications. An attacker can send a network request to trigger this vulnerability. | |||||
| CVE-2022-26303 | 1 Openautomationsoftware | 1 Oas Platform | 2023-07-26 | 5.0 MEDIUM | 7.5 HIGH |
| An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of an OAS user account. An attacker can send a sequence of requests to trigger this vulnerability. | |||||
| CVE-2022-26067 | 1 Openautomationsoftware | 1 Oas Platform | 2023-07-26 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to arbitrary file read. An attacker can send a sequence of requests to trigger this vulnerability. | |||||
| CVE-2022-26043 | 1 Openautomationsoftware | 1 Oas Platform | 2023-07-26 | 5.0 MEDIUM | 7.5 HIGH |
| An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of a custom Security Group. An attacker can send a sequence of requests to trigger this vulnerability. | |||||