Aveva Aveva System Platform
6 CVEs affecting Aveva Aveva System Platform. Latest disclosed: 2022-04-11. Critical: 0, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-33008 | High | 8.8 | 2022-04-04 | AVEVA System Platform versions 2017 through 2020 R2 P01 does not perform any authentication for functionality that requires a provable user identity. |
CVE-2022-0835 | High | 8.1 | 2022-04-11 | AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to an attacker or a low-privileged user. |
CVE-2021-33010 | High | 7.5 | 2022-04-04 | An exception is thrown from a function in AVEVA System Platform versions 2017 through 2020 R2 P01, but it is not caught, which may cause a denial-of-service co… |
CVE-2021-32981 | High | 7.2 | 2022-04-04 | AVEVA System Platform versions 2017 through 2020 R2 P01 uses external input to construct a pathname that is intended to identify a file or directory that is lo… |
CVE-2021-32985 | High | 7.2 | 2022-04-04 | AVEVA System Platform versions 2017 through 2020 R2 P01 does not properly verify that the source of data or communication is valid. |
CVE-2021-32977 | High | 7.2 | 2022-04-04 | AVEVA System Platform versions 2017 through 2020 R2 P01 does not verify, or incorrectly verifies, the cryptographic signature for data. |