CVE-2024-27201

MEDIUM Year: 2024
CVSS v3 Score
4.9
Medium
Weakness Type
CWE-20
View all →

Vulnerability Description

An improper input validation vulnerability exists in the OAS Engine User Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to unexpected data in the configuration. An attacker can send a sequence of requests to trigger this vulnerability.

Related Vulnerabilities

CVE-2017-11183

MEDIUM
CVSS:4.9(Medium)

front/backup.php in GLPI before 9.1.5 allows remote authenticated administrators to delete arbitrary files via a crafted file parameter.

CWE-202017

CVE-2017-14023

MEDIUM
CVSS:4.9(Medium)

An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. The improper input validation vulnerability has been id...

CWE-202017

CVE-2017-18453

MEDIUM
CVSS:4.9(Medium)

cPanel before 64.0.21 does not preserve supplemental groups across account renames (SEC-260).

CWE-202017

CVE-2017-18464

MEDIUM
CVSS:4.9(Medium)

cPanel before 62.0.17 allows arbitrary file-overwrite operations via the WHM Zone Template editor (SEC-226).

CWE-202017

CVE-2017-2254

MEDIUM
CVSS:4.9(Medium)

Cybozu Garoon 3.5.0 to 4.2.5 allows an attacker to cause a denial of service in the application menu's edit function via specially crafted input

CWE-202017

CVE-2017-6690

MEDIUM
CVSS:4.9(Medium)

A vulnerability in the file check operation of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or...

CWE-202017