Vulnerabilities > CVE-2020-26869 - Unspecified vulnerability in Pcvuesolutions Pcvue 12/8.10
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
ARC Informatique PcVue prior to version 12.0.17 is vulnerable to information exposure, allowing unauthorized users to access session data of legitimate users. This issue also affects third-party systems based on the Web Services Toolkit.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
References
- https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-017-session-information-exposure-in-arc-informatique-pcvue/
- https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-017-session-information-exposure-in-arc-informatique-pcvue/
- https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03
- https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03
- https://www.pcvuesolutions.com/security
- https://www.pcvuesolutions.com/security
- https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1
- https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1