Vulnerabilities (CVE)

Filtered by vendor Opcfoundation Subscribe

Filtered by product Ua-.net-legacy

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-7559	1 Opcfoundation	2 Ua-.net-legacy, Ua-.netstandard	2019-06-10	3.5 LOW	5.3 MEDIUM
An issue was discovered in OPC UA .NET Standard Stack and Sample Code before GitHub commit 2018-04-12, and OPC UA .NET Legacy Stack and Sample Code before GitHub commit 2018-03-13. A vulnerability in OPC UA applications can allow a remote attacker to determine a Server's private key by sending carefully constructed bad UserIdentityTokens as part of an oracle attack.
CVE-2018-12087	1 Opcfoundation	2 Ua-.net-legacy, Ua-.netstandard	2019-01-14	2.1 LOW	5.3 MEDIUM
Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords.