CVE-2018-18990
N/A
N/A
Summary
LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. An attacker can leverage this vulnerability to disclose sensitive information under the context of the web server process.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ICS-CERT | LCDS Laquis SCADA | All versions prior to version 4.1.0.4150 | affected |
Weaknesses
- CWE-23: RELATIVE PATH TRAVERSAL CWE-23
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.