Vulnerabilities > CVE-2023-35124 - Unspecified vulnerability in Openautomationsoftware OAS Platform 18.00.0072

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
openautomationsoftware

Summary

An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to a disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability.

Vulnerable Configurations

Part Description Count
Application
Openautomationsoftware
1