PT-2026-22126 · Snapvue+5 · Snapvue+6

Published

2026-02-26

Updated

2026-03-12

CVE-2026-1694

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions PcVue versions 12.0.0 through 16.3.3

Description The default configuration of IIS and ASP.net adds HTTP headers that are not removed during the deployment of webservices used by the WebVue, WebScheduler, TouchVue, and SnapVue features. This unnecessarily exposes sensitive information about the server configuration.

Recommendations Versions prior to 16.3.3 should ensure HTTP headers are removed during the deployment phase of the webservices used by the WebVue, WebScheduler, TouchVue, and SnapVue features.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-201

Related Identifiers

CVE-2026-1694

Affected Products

Asp.Net

Iis

Pcvue

Snapvue

Touchvue

Web Schedule

Webvue

PT-2026-22126 · Snapvue+5 · Snapvue+6

CVE-2026-1694

Weakness Enumeration

Related Identifiers

Affected Products

References · 8