Vulnerabilities > Inductiveautomation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-05 | CVE-2022-1704 | XXE vulnerability in Inductiveautomation Ignition Due to an XML external entity reference, the software parses XML in the backup/restore functionality without XML security flags, which may lead to a XXE attack while restoring the backup. | 9.8 |
| 2022-07-25 | CVE-2022-35869 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Inductiveautomation Ignition 8.1.15 This vulnerability allows remote attackers to bypass authentication on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). | 9.8 |
| 2022-07-25 | CVE-2022-35870 | Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition 8.1.15 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). | 7.8 |
| 2022-07-25 | CVE-2022-35871 | Missing Authentication for Critical Function vulnerability in Inductiveautomation Ignition 8.1.15 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). | 7.8 |
| 2022-07-25 | CVE-2022-35872 | Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition 8.1.15 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). | 7.8 |
| 2022-07-25 | CVE-2022-35873 | Unspecified vulnerability in Inductiveautomation Ignition 8.1.15 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). | 7.8 |
| 2022-07-20 | CVE-2022-1264 | Path Traversal vulnerability in Inductiveautomation Ignition The affected product may allow an attacker with access to the Ignition web configuration to run arbitrary code. | 8.8 |
| 2022-07-16 | CVE-2022-36126 | Incorrect Authorization vulnerability in Inductiveautomation Ignition An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. | 7.2 |
| 2022-07-15 | CVE-2022-35890 | Incorrect Authorization vulnerability in Inductiveautomation Ignition An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. | 9.8 |
| 2022-04-01 | CVE-2020-14479 | Missing Authentication for Critical Function vulnerability in Inductiveautomation Ignition Sensitive information can be obtained through the handling of serialized data. | 5.3 |