Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aveva historian vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-34348
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to remotely crash the PI Message Subsystem of a PI Server, resulting in a denial-of-service condition.
Aveva Pi Server 2018
Aveva Pi Server 2023
Aveva Pi Server
5.3
CVSSv3
CVE-2023-31274
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to cause the PI Message Subsystem of a PI Server to consume available memory resulting in throttled processing of new PI Data Archive events and a partial de...
Aveva Pi Server 2018
Aveva Pi Server 2023
Aveva Pi Server
7.1
CVSSv3
CVE-2023-34982
This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service.
Aveva System Platform 2020
Aveva Manufacturing Execution System 2020
Aveva Mobile Operator 2020
Aveva Work Tasks 2020
Aveva Telemetry Server 2020r2
Aveva System Platform
Aveva Historian 2020
Aveva Historian
Aveva Intouch 2020
Aveva Intouch
Aveva Enterprise Licensing
Aveva Recipe Management
Aveva Recipe Management 2020
Aveva Manufacturing Execution System
Aveva Batch Management 2020
Aveva Batch Management
Aveva Communication Drivers
Aveva Communication Drivers 2020
Aveva Mobile Operator
Aveva Plant Scada
Aveva Plant Scada 2020
Aveva Work Tasks
7.8
CVSSv3
CVE-2023-33873
This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine.
Aveva System Platform 2020
Aveva Manufacturing Execution System 2020
Aveva Mobile Operator 2020
Aveva Work Tasks 2020
Aveva Telemetry Server 2020r2
Aveva System Platform
Aveva Historian 2020
Aveva Historian
Aveva Intouch 2020
Aveva Intouch
Aveva Enterprise Licensing
Aveva Recipe Management
Aveva Recipe Management 2020
Aveva Manufacturing Execution System
Aveva Batch Management 2020
Aveva Batch Management
Aveva Communication Drivers
Aveva Communication Drivers 2020
Aveva Mobile Operator
Aveva Plant Scada
Aveva Plant Scada 2020
Aveva Work Tasks
9.8
CVSSv3
CVE-2020-13499
An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstancePath in CHaD.asmx is vulnerable ...
Aveva Edna Enterprise Data Historian 3.0.1.2\\/7.5.4989.33053
9.8
CVSSv3
CVE-2020-13500
SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter ClassName in CHaD.asmx is vulnerable to una...
Aveva Edna Enterprise Data Historian 3.0.1.2\\/7.5.4989.33053
9.8
CVSSv3
CVE-2020-13501
An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstanceName in CHaD.asmx is vulnerable ...
Aveva Edna Enterprise Data Historian 3.0.1.2\\/7.5.4989.33053
9.8
CVSSv3
CVE-2020-13504
Parameter AttFilterValue in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability.
Aveva Edna Enterprise Data Historian 3.0.1.2\\/7.5.4989.33053
9.8
CVSSv3
CVE-2020-13505
Parameter psClass in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability.
Aveva Edna Enterprise Data Historian 3.0.1.2\\/7.5.4989.33053
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started