CVE-2015-0995
published 2015-04-03CVE-2015-0995: Inductive Automation Ignition 7.7.2 uses MD5 password hashes, which makes it easier for context-dependent attackers to obtain access via a brute-force attack.
PriorityP420medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
1.12%
62.0th percentile
Inductive Automation Ignition 7.7.2 uses MD5 password hashes, which makes it easier for context-dependent attackers to obtain access via a brute-force attack.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| inductiveautomation | ignition | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Inductive Automation Ignition Vulnerabilities
cisa_ics·2018-08-27
Inductive Automation Ignition Vulnerabilities
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Inductive Automation Ignition Vulnerabilities
Last RevisedAugust 27, 2018
Alert CodeICSA-15-090-01
## OVERVIEW
Evgeny Druzhinin, Alexey Osipov, Ilya Karpov, and Gleb Gritsai of Positive Technologies have identified several vulnerabilities in Inductive Automation’s Ignition Software. Inductive Automation has produced a patch that mitigates these vulnerabilities.
These vulnerabilities could be exploited remotely.
## AFFECTED PRODUCTS
The following Inductive Automation product is affected:
- Inductive Automation Ignition 7.7.2
## IMPACT
Impact to individual organizations depe
GHSA
GHSA-cf2w-8rhm-45w6: Inductive Automation Ignition 7
ghsa_unreviewed·2022-05-17
CVE-2015-0995 [MEDIUM] GHSA-cf2w-8rhm-45w6: Inductive Automation Ignition 7
Inductive Automation Ignition 7.7.2 uses MD5 password hashes, which makes it easier for context-dependent attackers to obtain access via a brute-force attack.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2015-04-03
Published