cbcvebase.

Webaccess Scada vulnerabilities

4 known vulnerabilities affecting webaccess/scada.

Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2021-32943P3CRITICALCVSS 9.8vWebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.12021-08-10
CVE-2021-32943 [CRITICAL] CWE-121 CVE-2021-32943: The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1).
nvd
CVE-2018-18999P3HIGHCVSS 7.3vWebAccess/SCADA Version 8.3.2 installed on Windows 2008 R2 SP12018-12-19
CVE-2018-18999 [HIGH] CWE-20 CVE-2018-18999: WebAccess/SCADA, WebAccess/SCADA Version 8.3.2 installed on Windows 2008 R2 SP1. Lack of proper vali WebAccess/SCADA, WebAccess/SCADA Version 8.3.2 installed on Windows 2008 R2 SP1. Lack of proper validation of user supplied input may allow an attacker to cause the overflow of a buffer on the stack.
nvd
CVE-2021-22674P3MEDIUMCVSS 6.5vWebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.12021-08-10
CVE-2021-22674 [MEDIUM] CWE-23 CVE-2021-22674: The affected product is vulnerable to a relative path traversal condition, which may allow an attack The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1).
nvd
CVE-2021-22676P4MEDIUMCVSS 6.1vWebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.12021-08-10
CVE-2021-22676 [MEDIUM] CWE-79 CVE-2021-22676: UserExcelOut.asp within WebAccess/SCADA is vulnerable to cross-site scripting (XSS), which could all UserExcelOut.asp within WebAccess/SCADA is vulnerable to cross-site scripting (XSS), which could allow an attacker to send malicious JavaScript code. This could result in hijacking of cookie/session tokens, redirection to a malicious webpage, and unintended browser action on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCAD
nvd
Webaccess Scada vulnerabilities | cvebase