Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2017-02-13 CVE-2017-5155 Insecure Default Initialization of Resource vulnerability in Schneider-Electric Wonderware Historian 2014R2Sp1P01
An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier.
network
low complexity
schneider-electric CWE-1188
7.3
7.3
2017-02-13 CVE-2017-5154 SQL Injection vulnerability in Advantech Webaccess 8.1
An issue was discovered in Advantech WebAccess Version 8.1.
network
low complexity
advantech CWE-89
critical
 9.8
9.8
2017-02-13 CVE-2017-5153 Information Exposure Through Log Files vulnerability in Osisoft PI Coresight and PI web API
An issue was discovered in OSIsoft PI Coresight 2016 R2 and earlier versions, and PI Web API 2016 R2 when deployed using the PI AF Services 2016 R2 integrated install kit.
local
low complexity
osisoft CWE-532
7.8
7.8
2017-02-13 CVE-2017-5152 Improper Authentication vulnerability in Advantech Webaccess 8.1
An issue was discovered in Advantech WebAccess Version 8.1.
network
low complexity
advantech CWE-287
critical
 9.1
9.1
2017-02-13 CVE-2017-5151 SQL Injection vulnerability in Panasonic Video Insight web Client 6.3.5.11
An issue was discovered in VideoInsight Web Client Version 6.3.5.11 and previous versions.
network
low complexity
panasonic CWE-89
7.3
7.3
2017-02-13 CVE-2017-5146 Information Exposure vulnerability in Carlosgavazzi Vmu-C EM Firmware and Vmu-C PV Firmware
An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to firmware Version A17.
network
low complexity
carlosgavazzi CWE-200
7.5
7.5
2017-02-13 CVE-2017-5145 Cross-Site Request Forgery (CSRF) vulnerability in Carlosgavazzi Vmu-C EM Firmware and Vmu-C PV Firmware
An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to firmware Version A17.
network
low complexity
carlosgavazzi CWE-352
critical
 10.0
10
2017-02-13 CVE-2017-5144 Unspecified vulnerability in Carlosgavazzi Vmu-C EM Firmware and Vmu-C PV Firmware
An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to firmware Version A17.
network
low complexity
carlosgavazzi
critical
 9.8
9.8
2017-02-13 CVE-2017-5143 Path Traversal vulnerability in Honeywell XL web II Controller Xlwebexe10208/Xlwebexe20100
An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior.
network
low complexity
honeywell CWE-22
8.6
8.6
2017-02-13 CVE-2017-5142 Improper Privilege Management vulnerability in Honeywell XL web II Controller Xlwebexe10208/Xlwebexe20100
An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior.
network
low complexity
honeywell CWE-269
critical
 9.1
9.1