Vulnerabilities > Inductiveautomation > Ignition > 7.6.4

DATE CVE VULNERABILITY TITLE RISK
2024-05-03 CVE-2023-38124 Unspecified vulnerability in Inductiveautomation Ignition
Inductive Automation Ignition OPC UA Quick Client Task Scheduling Exposed Dangerous Function Remote Code Execution Vulnerability.
network
low complexity
inductiveautomation
8.8
8.8
2024-05-03 CVE-2023-38121 Cross-site Scripting vulnerability in Inductiveautomation Ignition
Inductive Automation Ignition OPC UA Quick Client Cross-Site Scripting Remote Code Execution Vulnerability.
network
low complexity
inductiveautomation CWE-79
critical
 9.0
9.0
2024-05-03 CVE-2023-38122 Unspecified vulnerability in Inductiveautomation Ignition
Inductive Automation Ignition OPC UA Quick Client Permissive Cross-domain Policy Remote Code Execution Vulnerability.
network
low complexity
inductiveautomation
7.2
7.2
2024-05-03 CVE-2023-38123 Missing Authentication for Critical Function vulnerability in Inductiveautomation Ignition
Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function Authentication Bypass Vulnerability.
network
low complexity
inductiveautomation CWE-306
8.8
8.8
2022-07-16 CVE-2022-36126 Incorrect Authorization vulnerability in Inductiveautomation Ignition
An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17.
network
low complexity
inductiveautomation CWE-863
7.2
7.2
2022-07-15 CVE-2022-35890 Incorrect Authorization vulnerability in Inductiveautomation Ignition
An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17.
network
low complexity
inductiveautomation CWE-863
critical
 9.8
9.8
2022-04-01 CVE-2020-14479 Missing Authentication for Critical Function vulnerability in Inductiveautomation Ignition
Sensitive information can be obtained through the handling of serialized data.
network
low complexity
inductiveautomation CWE-306
5.3
5.3