Inductiveautomation: >> Ignition >> 7.7.2 Security Vulnerabilities
Inductive Automation Ignition 7.7.2 does not terminate a session upon a logout action, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.
CVSS Score
6.4
EPSS Score
0.003
Published
2015-04-03
Inductive Automation Ignition 7.7.2 stores cleartext OPC Server credentials, which allows local users to obtain sensitive information via unspecified vectors.
CVSS Score
2.1
EPSS Score
0.001
Published
2015-04-03
Inductive Automation Ignition 7.7.2 allows remote attackers to obtain sensitive information by reading an error message about an unhandled exception, as demonstrated by pathname information.
CVSS Score
5.0
EPSS Score
0.005
Published
2015-04-03
Cross-site scripting (XSS) vulnerability in Inductive Automation Ignition 7.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.005
Published
2015-04-03
Page 2