CVE-2023-1256

The listed versions of AVEVA Plant SCADA and AVEVA Telemetry Server are vulnerable to an improper authorization exploit which could allow an unauthenticated user to remotely read data, cause denial of service, and tamper with alarm states.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

N/A

AVEVA Plant SCADA Access Anywhere 授权问题漏洞

AVEVA Plant SCADA Access Anywhere是英国剑维软件（AVEVA）公司的一个面向工业过程客户的可靠、灵活且高性能的监控和数据采集 （SCADA） 软件解决方案。可以在任何兼容的 Web 浏览器中获得 Plant SCADA 的真正价值和强大功能。 AVEVA Plant SCADA and AVEVA Telemetry Server 存在授权问题漏洞。未经身份验证的攻击者利用该漏洞可以读取数据、导致拒绝服务并篡改警报状态。

N/A

N/A