Lucene search
IcscertCVE-2015-0993HistoryApr 03, 2015 - 10:59 a.m.
CVE-2015-0993
2015-04-0310:59:15
CWE-254
icscert
web.nvd.nist.gov
35
cve-2015-0993
inductive automation
ignition 7.7.2
session termination
logout action
access restrictions
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
AI Score
9.1
Confidence
High
EPSS
0.002
Percentile
61.4%
Inductive Automation Ignition 7.7.2 does not terminate a session upon a logout action, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.
Affected configurations
Node
inductiveautomationignitionMatch7.7.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| inductiveautomation | ignition | 7.7.2 | cpe:2.3:a:inductiveautomation:ignition:7.7.2:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2015-04-03 10:59:00
cvelist
cvelist
CVE-2015-0993
2015-04-03 10:00:00
nvd
nvd
CVE-2015-0993
2015-04-03 10:59:15
nessus
nessus
Inductive Automation Ignition Multiple Vulnerabilities
2015-06-02 00:00:00
openvas
openvas
Inductive Automation Ignition < 7.7.4 Multiple Vulnerabilities
2015-04-11 00:00:00
kaspersky
kaspersky
KLA10535 Multiple vulnerabilities in Inductive Automation Ignition
2015-04-03 00:00:00
ics
ics
Inductive Automation Ignition Vulnerabilities
2018-08-27 12:00:00
googleprojectzero
googleprojectzero
DΓ©jΓ vu-lnerability
2021-02-03 00:00:00
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
AI Score
9.1
Confidence
High
EPSS
0.002
Percentile
61.4%
Related for CVE-2015-0993