PT-2019-18137 · Advantech · Webaccess/Scada

Published

2019-02-05

Updated

2019-02-06

CVE-2019-6521

CVSS v3.1

8.6

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

Name of the Vulnerable Software and Affected Versions WebAccess/SCADA version 8.3

Description The issue allows specially crafted requests to possibly bypass authentication, enabling an attacker to obtain and manipulate sensitive information.

Recommendations For version 8.3, apply the necessary patches or updates to fix the authentication bypass issue, ensuring that specially crafted requests can no longer be used to manipulate sensitive information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2019-6521

Affected Products

Webaccess/Scada

PT-2019-18137 · Advantech · Webaccess/Scada

CVE-2019-6521

Weakness Enumeration

Related Identifiers

Affected Products

References · 4