A vulnerability has been identified in Desigo Insight (All versions). Some error messages in the web application show the absolute path to the requested resource. This could allow an authenticated attacker to retrieve additional information about the host system.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-226339.pdf | Vendor Advisory |
https://us-cert.cisa.gov/ics/advisories/icsa-20-287-05 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2020-10-15 19:15
Updated : 2024-02-28 18:08
NVD link : CVE-2020-15794
Mitre link : CVE-2020-15794
CVE.ORG link : CVE-2020-15794
JSON object : View
Products Affected
siemens
- desigo_insight