Inductive Automation Luki w zabezpieczeniach

Oś czasu

Rodzaj

Produkt

Inductive Automation Ignition24

Przeciwdziałanie

Official Fix15
Temporary Fix0
Workaround0
Unavailable0
Not Defined9

Wykorzystywanie

High0
Functional0
Proof-of-Concept0
Unproven0
Not Defined24

Wektor dostępu

Not Defined0
Physical0
Local0
Adjacent1
Network23

Uwierzytelnianie

Not Defined0
High6
Low5
None13

Interakcja z użytkownikiem

Not Defined0
Required7
None17

C3BM Index

CVSSv3 Base

≤10
≤20
≤31
≤40
≤51
≤61
≤75
≤86
≤910
≤100

CVSSv3 Temp

≤10
≤20
≤31
≤40
≤51
≤63
≤76
≤84
≤99
≤100

VulDB

≤10
≤20
≤32
≤40
≤53
≤62
≤72
≤85
≤910
≤100

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤85
≤91
≤103

CNA

≤10
≤20
≤30
≤40
≤50
≤61
≤71
≤85
≤92
≤100

Sprzedawca

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤81
≤90
≤100

Exploit 0-day

<1k1
<2k12
<5k11
<10k0
<25k0
<50k0
<100k0
≥100k0

Wykorzystaj dzisiaj

<1k19
<2k4
<5k1
<10k0
<25k0
<50k0
<100k0
≥100k0

Wykorzystaj wielkość rynku

🔴 CTI Zajęcia

Affected Products (1): Ignition (24)

OpublikowanoBaseTempSłaby punktProdWykPrzCTIEPSSCVE
2024-02-216.36.0Inductive Automation Ignition getParams privilege escalationAutomation SoftwareNot DefinedOfficial Fix0.030.00000CVE-2023-50232
2024-02-216.36.0Inductive Automation Ignition getJavaExecutable directory traversalAutomation SoftwareNot DefinedOfficial Fix0.020.00000CVE-2023-50233
2024-01-058.88.4Inductive Automation Ignition RunQuery privilege escalationAutomation SoftwareNot DefinedOfficial Fix0.020.00000CVE-2023-50219
2024-01-057.26.9Inductive Automation Ignition Base64Element privilege escalationAutomation SoftwareNot DefinedOfficial Fix0.020.00000CVE-2023-50220
2024-01-058.88.4Inductive Automation Ignition ResponseParser privilege escalationAutomation SoftwareNot DefinedOfficial Fix0.020.00000CVE-2023-50221
2024-01-058.88.4Inductive Automation Ignition Notifications ResponseParser privilege escalationAutomation SoftwareNot DefinedOfficial Fix0.020.00000CVE-2023-50222
2024-01-058.88.4Inductive Automation Ignition ExtendedDocumentCodec privilege escalationAutomation SoftwareNot DefinedOfficial Fix0.020.00000CVE-2023-50223
2023-12-208.88.5Inductive Automation Ignition ModuleInvoke privilege escalationAutomation SoftwareNot DefinedNot Defined0.000.00000CVE-2023-50218
2023-08-087.57.5Inductive Automation Ignition ConditionRefresh denial of serviceAutomation SoftwareNot DefinedNot Defined0.000.00000CVE-2023-39477
2023-08-014.34.1Inductive Automation Ignition cross site scriptingAutomation SoftwareNot DefinedOfficial Fix0.040.00000CVE-2023-38121

14 więcej wpisów nie jest pokazywanych

Do you want to use VulDB in your project?

Use the official API to access entries easily!