Vulnerabilities > Inductiveautomation > Ignition Gateway > 7.6.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-09 | CVE-2020-12004 | Missing Authentication for Critical Function vulnerability in Inductiveautomation Ignition Gateway The affected product lacks proper authentication required to query the server on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway (versions prior to 7.9.14), allowing an attacker to obtain sensitive information. | 5.0 |
| 2020-06-09 | CVE-2020-12000 | Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition Gateway The affected product is vulnerable to the handling of serialized data. | 7.5 |
| 2020-06-09 | CVE-2020-10644 | Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition Gateway The affected product lacks proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway (versions prior to 7.9.14), allowing an attacker to obtain sensitive information. | 5.0 |