Vulnerabilities > Openautomationsoftware > OAS Platform > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-05 | CVE-2023-32615 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Openautomationsoftware OAS Platform 18.00.0072 A file write vulnerability exists in the OAS Engine configuration functionality of Open Automation Software OAS Platform v18.00.0072. | 8.1 |
| 2023-09-05 | CVE-2023-34353 | Unspecified vulnerability in Openautomationsoftware OAS Platform 18.00.0072 An authentication bypass vulnerability exists in the OAS Engine authentication functionality of Open Automation Software OAS Platform v18.00.0072. | 7.5 |
| 2023-09-05 | CVE-2023-34998 | Improper Authentication vulnerability in Openautomationsoftware OAS Platform 18.00.0072 An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. | 8.1 |
| 2022-05-25 | CVE-2022-26026 | Unspecified vulnerability in Openautomationsoftware OAS Platform 16.00.0112 A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112. | 7.5 |
| 2022-05-25 | CVE-2022-26043 | Unspecified vulnerability in Openautomationsoftware OAS Platform 16.00.0112 An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality of Open Automation Software OAS Platform V16.00.0112. | 7.5 |
| 2022-05-25 | CVE-2022-26067 | Unspecified vulnerability in Openautomationsoftware OAS Platform 16.00.0112 An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. | 7.5 |
| 2022-05-25 | CVE-2022-26077 | Unspecified vulnerability in Openautomationsoftware OAS Platform 16.00.0112 A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. | 7.5 |
| 2022-05-25 | CVE-2022-26303 | Unspecified vulnerability in Openautomationsoftware OAS Platform 16.00.0112 An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.00.0112. | 7.5 |
| 2022-05-25 | CVE-2022-27169 | Unspecified vulnerability in Openautomationsoftware OAS Platform 16.00.0112 An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality of Open Automation Software OAS Platform V16.00.0112. | 7.5 |