Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2022-86391
HistoryNov 25, 2022 - 12:00 a.m.

AVEVA Edge has an information disclosure vulnerability

2022-11-2500:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
aveva edge
hmi/scada
information disclosure
vulnerability
external db
windows access token
attacker
aveva software
uk

EPSS

0.001

Percentile

40.5%

JSON

AVEVA Edge is a highly scalable and flexible HMI/SCADA software from AVEVA Software (UK).An information disclosure vulnerability exists in AVEVA Edge version 2020 R2, which could be exploited by an attacker to gain access to external DB resource configuration by spoofing the user’s Windows access token that is leaked when AVEVA Edge is running. account information.

Related

cvelist 1
prion 1
cve 1
nvd 1
ics 1
cvelist
cvelist
CVE-2021-42797
2023-12-16 00:00:00
prion
prion
Path traversal
2023-12-16 01:15:00
cve
cve
CVE-2021-42797
2023-12-16 01:15:07
nvd
nvd
CVE-2021-42797
2023-12-16 01:15:07
ics
ics
AVEVA Edge
2022-11-22 12:00:00

EPSS

0.001

Percentile

40.5%

JSON
Related for CNVD-2022-86391
cvelist1prion1cve1nvd1ics1