Vulnerabilities > Trane > Tracer SC

DATE CVE VULNERABILITY TITLE RISK
2016-09-19 CVE-2016-4526 Uncontrolled Search Path Element vulnerability in Trane Tracer SC 3.8/4.2.1134
ABB DataManagerPro 1.x before 1.7.1 allows local users to gain privileges by replacing a DLL file in the package directory.
local
high complexity
trane CWE-427
7.5
7.5
2016-09-19 CVE-2016-0870 Information Exposure vulnerability in Trane Tracer SC 3.8/4.2.1134
The web server in Trane Tracer SC 4.2.1134 and earlier allows remote attackers to read sensitive configuration files via a direct request.
network
low complexity
trane CWE-200
5.3
5.3