W produkcie FAST/TOOLS dostarczanym przez Yokogawa Electric Corporation odkryto lukę w zabezpieczeniach związaną z niewłaściwym kodowaniem adresów URL. Atakujący mógłby manipulować stronami internetowymi lub wykonywać złośliwe skrypty. Podatne są wersje FAST/TOOLS (pakiety: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) od R9.01 do R10.04.
▸ Pokaż oryginał (EN)
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly encode URLs. An attacker could tamper with web pages or execute malicious scripts. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XYokogawa Fast\/tools
APPYokogawar9.01 – r10.04
Powiązane podatności
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product suppor...
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does n...
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product suppor...
Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50)...
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Detailed messages are...