Vulnerabilities > Openautomationsoftware > OAS Platform > 16.00.0112

DATE CVE VULNERABILITY TITLE RISK
2022-05-25 CVE-2022-26026 Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112
A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112.
network
low complexity
openautomationsoftware CWE-306
7.5
7.5
2022-05-25 CVE-2022-26043 Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112
An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality of Open Automation Software OAS Platform V16.00.0112.
network
low complexity
openautomationsoftware CWE-306
7.5
7.5
2022-05-25 CVE-2022-26067 Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112
An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112.
network
low complexity
openautomationsoftware CWE-306
7.5
7.5
2022-05-25 CVE-2022-26077 Cleartext Transmission of Sensitive Information vulnerability in Openautomationsoftware OAS Platform 16.00.0112
A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112.
network
low complexity
openautomationsoftware CWE-319
7.5
7.5
2022-05-25 CVE-2022-26082 Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112
A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112.
network
low complexity
openautomationsoftware CWE-306
critical
 9.8
9.8
2022-05-25 CVE-2022-26303 Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112
An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.00.0112.
network
low complexity
openautomationsoftware CWE-306
7.5
7.5
2022-05-25 CVE-2022-26833 Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112
An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121.
network
low complexity
openautomationsoftware CWE-306
critical
 9.4
9.4
2022-05-25 CVE-2022-27169 Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112
An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality of Open Automation Software OAS Platform V16.00.0112.
network
low complexity
openautomationsoftware CWE-306
7.5
7.5