MEDIUM🇵🇱 Wersja polska

CVE-2024-27201

CVSS 4.9v3.1pub. 2024-04-03upd. 2025-11-04

An improper input validation vulnerability exists in the OAS Engine User Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to unexpected data in the configuration. An attacker can send a sequence of requests to trigger this vulnerability.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
  • Openautomationsoftware Open Automation Software

    APP
    Openautomationsoftware
    19.0.0.57
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-11220HIGH8.5ten sam produkt

A local low-level user on the server machine with credentials to the running OAS services can create and execu...

CVE-2024-21870MEDIUM4.9ten sam produkt

A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open Automation Softwa...

CVE-2024-22178MEDIUM4.9ten sam produkt

A file write vulnerability exists in the OAS Engine Save Security Configuration functionality of Open Automati...

CVE-2024-24976MEDIUM4.9ten sam produkt

A denial of service vulnerability exists in the OAS Engine File Data Source Configuration functionality of Ope...

CVE-2022-26082CRITICAL9.1ten sam vendor

A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Softw...