CVE-2021-38431
4.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
An authenticated user using Advantech WebAccess SCADA in versions 9.0.3 and prior can use API functions to disclose project names and paths from other users.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Advantech | WebAccess SCADA | All <= 9.0.3 | affected |
Weaknesses
- CWE-862: MISSING AUTHORIZATION CWE-862
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.