Описание
Inductive Automation Ignition 7.7.2 does not terminate a session upon a logout action, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:inductiveautomation:ignition:7.7.2:*:*:*:*:*:*:*
EPSS
Процентиль: 50%
0.00274
Низкий
6.4 Medium
CVSS2
Дефекты
CWE-254
Связанные уязвимости
github
больше 3 лет назад
Inductive Automation Ignition 7.7.2 does not terminate a session upon a logout action, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.
EPSS
Процентиль: 50%
0.00274
Низкий
6.4 Medium
CVSS2
Дефекты
CWE-254