Vulnerabilities > Inductiveautomation

DATE CVE VULNERABILITY TITLE RISK
2020-06-09 CVE-2020-12000 Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition Gateway
The affected product is vulnerable to the handling of serialized data.
network
low complexity
inductiveautomation CWE-502
7.5
2020-06-09 CVE-2020-10644 Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition Gateway
The affected product lacks proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway (versions prior to 7.9.14), allowing an attacker to obtain sensitive information.
network
low complexity
inductiveautomation CWE-502
7.5
2020-04-28 CVE-2020-10641 Missing Authentication for Critical Function vulnerability in Inductiveautomation Ignition Gateway
An unprotected logging route may allow an attacker to write endless log statements into the database without space limits or authentication.
network
low complexity
inductiveautomation CWE-306
7.5