Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aveva wonderware intouch access anywhere vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-5156
A Cross-Site Request Forgery issue exists in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. The client request may be forged from a different site. This will allow an external site to access internal RDP systems on behalf of the currently logged ...
Aveva Wonderware Intouch Access Anywhere
9.8
CVSSv3
CVE-2017-5158
An Information Exposure issue exists in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. Credentials may be exposed to external systems via specific URL parameters, as arbitrary destination addresses may be specified.
Aveva Wonderware Intouch Access Anywhere
5.3
CVSSv3
CVE-2017-5160
An Inadequate Encryption Strength issue exists in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. The software will connect via Transport Layer Security without verifying the peer's SSL certificate properly.
Aveva Wonderware Intouch Access Anywhere
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started