Vulnerabilities > Rockwellautomation > Factorytalk Energrymetrix > High

DATE	CVE	VULNERABILITY TITLE	RISK
2016-07-28	CVE-2016-4531	Improper Authorization vulnerability in Rockwellautomation Factorytalk Energrymetrix Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon a logout action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. network low complexity rockwellautomation CWE-285	7.5
2016-07-28	CVE-2016-4522	SQL Injection vulnerability in Rockwellautomation Factorytalk Energrymetrix SQL injection vulnerability in Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. network low complexity rockwellautomation CWE-89	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.