Vulnerabilities > Honeywell

DATE	CVE	VULNERABILITY TITLE	RISK
2017-02-13	CVE-2017-5142	Improper Privilege Management vulnerability in Honeywell XL web II Controller Xlwebexe10208/Xlwebexe20100 An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. network low complexity honeywell CWE-269 critical	9.1
2017-02-13	CVE-2017-5141	Session Fixation vulnerability in Honeywell XL web II Controller Xlwebexe10208/Xlwebexe20100 An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. network low complexity honeywell CWE-384	6.0
2017-02-13	CVE-2017-5140	Insufficiently Protected Credentials vulnerability in Honeywell XL web II Controller Xlwebexe10208/Xlwebexe20100 An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. network low complexity honeywell CWE-522 critical	9.8
2017-02-13	CVE-2017-5139	Insufficiently Protected Credentials vulnerability in Honeywell XL web II Controller Xlwebexe10208/Xlwebexe20100 An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. network low complexity honeywell CWE-522 critical	9.8
2017-02-13	CVE-2016-8344	Improper Input Validation vulnerability in Honeywell Experion Process Knowledge System An issue was discovered in Honeywell Experion Process Knowledge System (PKS) platform: Experion PKS, Release 3xx and prior, Experion PKS, Release 400, Experion PKS, Release 410, Experion PKS, Release 430, and Experion PKS, Release 431. network high complexity honeywell CWE-20	3.7
2016-04-21	CVE-2016-2280	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Honeywell Uniformance Process History Database R310/R320/R321 Buffer overflow in RDISERVER in Honeywell Uniformance Process History Database (PHD) R310, R320, and R321 allows remote attackers to cause a denial of service (service outage) via unspecified vectors. network low complexity honeywell CWE-119	7.5
2015-12-21	CVE-2015-7907	Path Traversal vulnerability in Honeywell Midas Black Firmware and Midas Firmware Directory traversal vulnerability in the web server on Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allows remote attackers to bypass authentication, and write to a configuration file or trigger a calibration or test, via unspecified vectors. network low complexity honeywell CWE-22	8.6

Vulnerabilities > Honeywell {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Honeywell"}]}

Vulnerabilities > Honeywell