Vulnerabilities > Rockwellautomation > Factorytalk Energrymetrix
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-07-28 | CVE-2016-4531 | Improper Authorization vulnerability in Rockwellautomation Factorytalk Energrymetrix Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon a logout action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. | 7.5 |
2016-07-28 | CVE-2016-4522 | SQL Injection vulnerability in Rockwellautomation Factorytalk Energrymetrix SQL injection vulnerability in Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |