CVE-2018-10591 Information
Feb 14, 2021
cve
Description
In Advantech WebAccess versions V8.2_20170817 and prior WebAccess versions V8.3.0 and prior WebAccess Dashboard versions V.2.0.15 and prior WebAccess Scada Node versions prior to 8.3.1 and WebAccess/NMS 2.0.3 and prior an origin validation error vulnerability has been identified which may allow an attacker can create a malicious web site steal session cookies and access data of authenticated users.
CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
Reference
http://www.securityfocus.com/bid/104190 https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
CHANGED
Integrity Impact
HIGH
Availability Impact
NONE
Base Score
NONE
Base Severity
6.1
Share on: