Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aveva aveva edge vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2021-42794
An issue exists in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior. The application allows a client to provide a malicious connection string that could allow an adversary to port scan the LAN, depending on the hosts' responses.
Aveva Edge 2020
Aveva Edge
7.5
CVSSv3
CVE-2021-42797
Path traversal vulnerability in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior allows an unauthenticated user to steal the Windows access token of the user account configured for accessing external DB resources.
Aveva Edge 2020
Aveva Edge
9.8
CVSSv3
CVE-2021-42796
An issue exists in ExecuteCommand() in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior that allows unauthenticated arbitrary commands to be executed.
Aveva Edge 2020
Aveva Edge
7.1
CVSSv3
CVE-2022-36969
This vulnerability allows remote malicious users to disclose sensitive information on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ma...
Aveva Aveva Edge
7.8
CVSSv3
CVE-2022-36970
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of AVEVA Edge 20.0 Build: 4201.2111.1802.0000 Service Pack 2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a m...
Aveva Aveva Edge
7.8
CVSSv3
CVE-2022-28685
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious ...
Aveva Aveva Edge
7.8
CVSSv3
CVE-2022-28686
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious ...
Aveva Aveva Edge
7.8
CVSSv3
CVE-2022-28687
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious ...
Aveva Aveva Edge
7.8
CVSSv3
CVE-2022-28688
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious ...
Aveva Aveva Edge
NA
CVE-2015-0997
Schneider Electric InduSoft Web Studio prior to 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 prior to 7.1.3.4 SP3 Patch 4 provide an HMI user interface that lists all valid usernames, which makes it easier for remote malicious users to obtain access via a brute-force pass...
Aveva Aveva Edge
Schneider-electric Wonderware Intouch 2014
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »