Vulnerabilities > Openautomationsoftware

DATE CVE VULNERABILITY TITLE RISK
2023-09-05 CVE-2023-31242 Improper Authentication vulnerability in Openautomationsoftware OAS Platform 18.00.0072
An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072.
network
low complexity
openautomationsoftware CWE-287
critical
9.8
2023-09-05 CVE-2023-32271 Information Exposure vulnerability in Openautomationsoftware OAS Platform 18.00.0072
An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072.
network
low complexity
openautomationsoftware CWE-200
6.5
2023-09-05 CVE-2023-32615 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Openautomationsoftware OAS Platform 18.00.0072
A file write vulnerability exists in the OAS Engine configuration functionality of Open Automation Software OAS Platform v18.00.0072.
network
low complexity
openautomationsoftware CWE-610
8.1
2023-09-05 CVE-2023-34317 Improper Input Validation vulnerability in Openautomationsoftware OAS Platform 18.00.0072
An improper input validation vulnerability exists in the OAS Engine User Creation functionality of Open Automation Software OAS Platform v18.00.0072.
network
low complexity
openautomationsoftware CWE-20
6.5
2023-09-05 CVE-2023-34353 Use of Insufficiently Random Values vulnerability in Openautomationsoftware OAS Platform 18.00.0072
An authentication bypass vulnerability exists in the OAS Engine authentication functionality of Open Automation Software OAS Platform v18.00.0072.
network
low complexity
openautomationsoftware CWE-330
7.5
2023-09-05 CVE-2023-34994 Allocation of Resources Without Limits or Throttling vulnerability in Openautomationsoftware OAS Platform 18.00.0072
An improper resource allocation vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072.
network
low complexity
openautomationsoftware CWE-770
4.3
2023-09-05 CVE-2023-34998 Improper Authentication vulnerability in Openautomationsoftware OAS Platform 18.00.0072
An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072.
network
high complexity
openautomationsoftware CWE-287
8.1
2023-09-05 CVE-2023-35124 Information Exposure Through an Error Message vulnerability in Openautomationsoftware OAS Platform 18.00.0072
An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072.
network
low complexity
openautomationsoftware CWE-209
4.3
2022-05-25 CVE-2022-26026 Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112
A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112.
network
low complexity
openautomationsoftware CWE-306
7.5
2022-05-25 CVE-2022-26043 Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112
An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality of Open Automation Software OAS Platform V16.00.0112.
network
low complexity
openautomationsoftware CWE-306
7.5