High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-05	CVE-2023-32615	Externally Controlled Reference to a Resource in Another Sphere vulnerability in Openautomationsoftware OAS Platform 18.00.0072 A file write vulnerability exists in the OAS Engine configuration functionality of Open Automation Software OAS Platform v18.00.0072. network low complexity openautomationsoftware CWE-610	8.1
2023-09-05	CVE-2023-34353	Use of Insufficiently Random Values vulnerability in Openautomationsoftware OAS Platform 18.00.0072 An authentication bypass vulnerability exists in the OAS Engine authentication functionality of Open Automation Software OAS Platform v18.00.0072. network low complexity openautomationsoftware CWE-330	7.5
2023-09-05	CVE-2023-34998	Improper Authentication vulnerability in Openautomationsoftware OAS Platform 18.00.0072 An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. network high complexity openautomationsoftware CWE-287	8.1
2022-05-25	CVE-2022-26026	Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112 A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112. network low complexity openautomationsoftware CWE-306	7.5
2022-05-25	CVE-2022-26043	Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112 An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality of Open Automation Software OAS Platform V16.00.0112. network low complexity openautomationsoftware CWE-306	7.5
2022-05-25	CVE-2022-26067	Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112 An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. network low complexity openautomationsoftware CWE-306	7.5
2022-05-25	CVE-2022-26077	Cleartext Transmission of Sensitive Information vulnerability in Openautomationsoftware OAS Platform 16.00.0112 A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. network low complexity openautomationsoftware CWE-319	7.5
2022-05-25	CVE-2022-26303	Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112 An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.00.0112. network low complexity openautomationsoftware CWE-306	7.5
2022-05-25	CVE-2022-27169	Missing Authentication for Critical Function vulnerability in Openautomationsoftware OAS Platform 16.00.0112 An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality of Open Automation Software OAS Platform V16.00.0112. network low complexity openautomationsoftware CWE-306	7.5