Aveva ≫ Wonderware Intouch Access Anywhere

3 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

8.8

CVE-2017-5156

EPSS 0.13%
Published 20.04.2017 20:59:00
Last modified 20.04.2025 01:37:25

A Cross-Site Request Forgery issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. The client request may be forged from a different site. This will allow an external site to access internal RDP syst...

9.8

CVE-2017-5158

EPSS 1.02%
Published 20.04.2017 20:59:00
Last modified 20.04.2025 01:37:25

An Information Exposure issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. Credentials may be exposed to external systems via specific URL parameters, as arbitrary destination addresses may be spe...

5.3

CVE-2017-5160

EPSS 0.11%
Published 20.04.2017 20:59:00
Last modified 20.04.2025 01:37:25

An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. The software will connect via Transport Layer Security without verifying the peer's SSL certificate properly.