Описание
Inductive Automation Ignition 7.7.2 allows remote authenticated users to bypass a brute-force protection mechanism by using different session ID values in a series of HTTP requests.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:inductiveautomation:ignition:7.7.2:*:*:*:*:*:*:*
EPSS
Процентиль: 48%
0.0025
Низкий
4 Medium
CVSS2
Дефекты
CWE-254
Связанные уязвимости
github
больше 3 лет назад
Inductive Automation Ignition 7.7.2 allows remote authenticated users to bypass a brute-force protection mechanism by using different session ID values in a series of HTTP requests.
EPSS
Процентиль: 48%
0.0025
Низкий
4 Medium
CVSS2
Дефекты
CWE-254