Microchip Timeprovider 4100
7 CVEs affecting Microchip Timeprovider 4100. Latest disclosed: 2024-10-04. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-43685 | Critical | 9.8 | 2024-10-04 | Improper Authentication vulnerability in Microchip TimeProvider 4100 (login modules) allows Session Hijacking.This issue affects TimeProvider 4100: from 1.0 be… |
CVE-2024-9054 | High | 8.8 | 2024-10-04 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Exposure of Sensitive Information to an Unauthorized Actor vulnerab… |
CVE-2024-43684 | High | 8.8 | 2024-10-04 | Cross-Site Request Forgery (CSRF) vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting (XSS).This issue affects… |
CVE-2024-7801 | Medium | 6.5 | 2024-10-04 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Microchip TimeProvider 4100 (Data plot modules) allows SQ… |
CVE-2024-43687 | Medium | 6.1 | 2024-10-04 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimeProvider 4100 (banner config modules… |
CVE-2024-43686 | Medium | 6.1 | 2024-10-04 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimeProvider 4100 (data plot modules) al… |
CVE-2024-43683 | Medium | 6.1 | 2024-10-04 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Microchip TimeProvider 4100 allows XSS Through HTTP Headers.This issue affects TimeProvide… |