Inductive Automation Ignition
CVE-2022-1264
6.8MEDIUM
What is CVE-2022-1264?
The affected product may allow an attacker with access to the Ignition web configuration to run arbitrary code.
Affected Version(s)
Ignition All 8.1 versions 8.1.10
Ignition 8.0.4
References
CVSS V3.1
Score:
6.8
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Mashav Sapir of Claroty reported this vulnerability to CISA