Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aveva historian vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-13504
Parameter AttFilterValue in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability.
Aveva Edna Enterprise Data Historian 3.0.1.2\\/7.5.4989.33053
668
VMScore
CVE-2020-13500
SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter ClassName in CHaD.asmx is vulnerable to una...
Aveva Edna Enterprise Data Historian 3.0.1.2\\/7.5.4989.33053
668
VMScore
CVE-2020-13501
An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstanceName in CHaD.asmx is vulnerable ...
Aveva Edna Enterprise Data Historian 3.0.1.2\\/7.5.4989.33053
668
VMScore
CVE-2020-13505
Parameter psClass in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability.
Aveva Edna Enterprise Data Historian 3.0.1.2\\/7.5.4989.33053
668
VMScore
CVE-2020-13499
An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstancePath in CHaD.asmx is vulnerable ...
Aveva Edna Enterprise Data Historian 3.0.1.2\\/7.5.4989.33053
NA
CVE-2023-34982
This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service.
Aveva System Platform 2020
Aveva Manufacturing Execution System 2020
Aveva Mobile Operator 2020
Aveva Work Tasks 2020
Aveva Telemetry Server 2020r2
Aveva System Platform
Aveva Historian 2020
Aveva Historian
Aveva Intouch 2020
Aveva Intouch
Aveva Enterprise Licensing
Aveva Recipe Management
Aveva Recipe Management 2020
Aveva Manufacturing Execution System
Aveva Batch Management 2020
Aveva Batch Management
Aveva Communication Drivers
Aveva Communication Drivers 2020
Aveva Mobile Operator
Aveva Plant Scada
Aveva Plant Scada 2020
Aveva Work Tasks
NA
CVE-2023-33873
This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine.
Aveva System Platform 2020
Aveva Manufacturing Execution System 2020
Aveva Mobile Operator 2020
Aveva Work Tasks 2020
Aveva Telemetry Server 2020r2
Aveva System Platform
Aveva Historian 2020
Aveva Historian
Aveva Intouch 2020
Aveva Intouch
Aveva Enterprise Licensing
Aveva Recipe Management
Aveva Recipe Management 2020
Aveva Manufacturing Execution System
Aveva Batch Management 2020
Aveva Batch Management
Aveva Communication Drivers
Aveva Communication Drivers 2020
Aveva Mobile Operator
Aveva Plant Scada
Aveva Plant Scada 2020
Aveva Work Tasks
NA
CVE-2023-31274
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to cause the PI Message Subsystem of a PI Server to consume available memory resulting in throttled processing of new PI Data Archive events and a partial de...
Aveva Pi Server 2018
Aveva Pi Server 2023
Aveva Pi Server
NA
CVE-2023-34348
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to remotely crash the PI Message Subsystem of a PI Server, resulting in a denial-of-service condition.
Aveva Pi Server 2018
Aveva Pi Server 2023
Aveva Pi Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started