Vulnerabilities > Smartptt > Scada Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-29 | CVE-2021-43937 | Cross-Site Request Forgery (CSRF) vulnerability in Smartptt Scada Server 1.4 Elcomplus SmartPTT SCADA Server web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. | 8.8 |
| 2022-04-29 | CVE-2021-43938 | Missing Authorization vulnerability in Smartptt Scada Server 1.4 Elcomplus SmartPTT SCADA Server is vulnerable to an unauthenticated user can request various files from the server without any authentication or authorization. | 9.8 |