CPE Details
Rapid SCADA 5.8.1
5.8.1
2020-08-19
09h52 +00:00
09h52 +00:00
2020-08-19
09h52 +00:00
09h52 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:rapidscada:rapid_scada:5.8.1:*:*:*:*:*:*:*
Informations
Vendor
rapidscadaProduct
rapid_scadaVersion
5.8.1Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password. | 7.5 |
High |
||
| In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product responds back with an error message containing sensitive data if it receives a specific malformed request. | 5.3 |
Medium |
||
| In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores plaintext credentials in various places. This may allow an attacker with local access to see them. | 6.2 |
Medium |
||
| In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded credentials, which may allow an attacker to connect to a specific port. | 9.8 |
Critical |
||
| In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can redirect users to malicious pages through the login page. | 5.4 |
Medium |
||
| In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write directly to the Scada directory. This may allow privilege escalation. | 7.8 |
High |
||
| In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path traversal characters to the filename when using a specific command, allowing them to read arbitrary files from the system. | 6.5 |
Medium |
||
| In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can supply a malicious configuration file by utilizing a Zip Slip vulnerability in the unpacking routine to achieve remote code execution. | 8.8 |
High |
2025©
tesweb SA
