Vulnerabilities > Inductiveautomation
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-09 | CVE-2020-12000 | Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition Gateway The affected product is vulnerable to the handling of serialized data. | 7.5 |
2020-06-09 | CVE-2020-10644 | Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition Gateway The affected product lacks proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway (versions prior to 7.9.14), allowing an attacker to obtain sensitive information. | 7.5 |
2020-04-28 | CVE-2020-10641 | Missing Authentication for Critical Function vulnerability in Inductiveautomation Ignition Gateway An unprotected logging route may allow an attacker to write endless log statements into the database without space limits or authentication. | 7.5 |