Описание
An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially-crafted series of network requests can lead to arbitrary authentication. An attacker can send a sequence of requests to trigger this vulnerability.
Ссылки
- ExploitTechnical DescriptionThird Party Advisory
- ExploitTechnical DescriptionThird Party Advisory
- ExploitTechnical DescriptionThird Party Advisory
- ExploitTechnical DescriptionThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:openautomationsoftware:oas_platform:18.00.0072:*:*:*:*:*:*:*
EPSS
Процентиль: 4%
0.00019
Низкий
8.1 High
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-284
CWE-287
Связанные уязвимости
CVSS3: 8.1
github
больше 2 лет назад
An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially-crafted series of network requests can lead to arbitrary authentication. An attacker can send a sequence of requests to trigger this vulnerability.
EPSS
Процентиль: 4%
0.00019
Низкий
8.1 High
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-284
CWE-287