Vulnerabilities > Inductiveautomation

DATE CVE VULNERABILITY TITLE RISK
2024-05-03 CVE-2023-39473 Unspecified vulnerability in Inductiveautomation Ignition
Inductive Automation Ignition AbstractGatewayFunction Deserialization of Untrusted Data Remote Code Execution Vulnerability.
network
low complexity
inductiveautomation
8.8
2024-05-03 CVE-2023-39474 Unspecified vulnerability in Inductiveautomation Ignition
Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability.
network
low complexity
inductiveautomation
8.8
2024-05-03 CVE-2023-39475 Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition
Inductive Automation Ignition ParameterVersionJavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability.
network
low complexity
inductiveautomation CWE-502
critical
9.8
2024-05-03 CVE-2023-39476 Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition
Inductive Automation Ignition JavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability.
network
low complexity
inductiveautomation CWE-502
critical
9.8
2024-05-03 CVE-2023-39477 Unspecified vulnerability in Inductiveautomation Ignition
Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability.
network
low complexity
inductiveautomation
7.5
2024-05-03 CVE-2023-38121 Cross-site Scripting vulnerability in Inductiveautomation Ignition
Inductive Automation Ignition OPC UA Quick Client Cross-Site Scripting Remote Code Execution Vulnerability.
network
low complexity
inductiveautomation CWE-79
critical
9.0
2024-05-03 CVE-2023-38122 Unspecified vulnerability in Inductiveautomation Ignition
Inductive Automation Ignition OPC UA Quick Client Permissive Cross-domain Policy Remote Code Execution Vulnerability.
network
low complexity
inductiveautomation
7.2
2024-05-03 CVE-2023-38123 Missing Authentication for Critical Function vulnerability in Inductiveautomation Ignition
Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function Authentication Bypass Vulnerability.
network
low complexity
inductiveautomation CWE-306
8.8
2022-08-05 CVE-2022-1704 Unspecified vulnerability in Inductiveautomation Ignition
Due to an XML external entity reference, the software parses XML in the backup/restore functionality without XML security flags, which may lead to a XXE attack while restoring the backup.
network
low complexity
inductiveautomation
critical
9.8
2022-07-25 CVE-2022-35869 Unspecified vulnerability in Inductiveautomation Ignition 8.1.15
This vulnerability allows remote attackers to bypass authentication on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114).
network
low complexity
inductiveautomation
critical
9.8