工控系统行业漏洞库平台
    ICS Vulnerability Database

Inductive Automation Ignition代码问题漏洞 漏洞详情

漏洞参数

漏洞类型: 代码问题

危险级别: 高危

CVE编号: CVE-2020-12000

CNVD编号: CNVD-2020-34644

CNNVD编号: CNNVD-202005-1318

发布时间: 2020-05-26

CVSS雷达图
CVSS评分: 4.958451119999999
受影响的平台和产品

ignition_gateway *

ignition_gateway *

漏洞描述

The affected product is vulnerable to the handling of serialized data. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway (versions prior to 7.9.14), allowing an attacker to obtain sensitive information.

安全建议&解决方案
  1. 厂商已发布了漏洞修复程序,请及时关注更新: https://inductiveautomation.com/downloads/releasenotes/8.0.10 厂商已发布了漏洞修复程序,请及时关注更新: https://inductiveautomation.com/downloads/releasenotes/8.0.10
  • 联系我们
  • 如果您对我们感兴趣,请联系我们。

    • 北京威努特技术有限公司
    北京市海淀区上地三街9号嘉华大厦F座901室
    电话: 4000-680-620

    Copyright © 2017 Winicssec All Rights Reserved
    版权所有 京ICP备 14062383号-1