Lucene search
China National Vulnerability DatabaseCNVD-2022-58684HistoryMay 26, 2022 - 12:00 a.m.
Open Automation Software OAS Platform访问控制错误漏洞
2022-05-2600:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
open automation software
oas platform
industrial internet of things
iot suite
open automation software
inc.
access control error
vulnerability
version v16.00.0112
external configuration control
oas engine secureaddsecurity feature
attacker
specially crafted network requests
custom security groups
cnvd
EPSS
0.001
Percentile
33.9%
Open Automation Software OAS Platform is an industrial Internet of Things (IoT) suite from Open Automation Software, Inc. An access control error vulnerability exists in Open Automation Software OAS Platform version V16.00.0112, which stems from an external configuration control issue with the OAS Engine Secureaddsecurity feature, and could be exploited by an attacker to by sending a series of specially crafted network requests to create custom security groups.
Related
cvelist
cvelist
CVE-2022-26043
2022-05-25 20:15:20
prion
prion
Xxe
2022-05-25 21:15:00
talos
talos
cve
cve
CVE-2022-26043
2022-05-25 21:15:07
nvd
nvd
CVE-2022-26043
2022-05-25 21:15:07
threatpost
threatpost
Critical Flaws in Popular ICS Platform Can Trigger RCE
2022-05-27 10:32:07