Vulnerabilities > Inductiveautomation > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-05 | CVE-2022-1704 | Unspecified vulnerability in Inductiveautomation Ignition Due to an XML external entity reference, the software parses XML in the backup/restore functionality without XML security flags, which may lead to a XXE attack while restoring the backup. | 9.8 |
| 2022-07-25 | CVE-2022-35869 | Unspecified vulnerability in Inductiveautomation Ignition 8.1.15 This vulnerability allows remote attackers to bypass authentication on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). | 9.8 |
| 2022-07-15 | CVE-2022-35890 | Incorrect Authorization vulnerability in Inductiveautomation Ignition An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. | 9.8 |