Vulnerability Details CVE-2020-10641
An unprotected logging route may allow an attacker to write endless log statements into the database without space limits or authentication. This results in consuming the entire available hard-disk space on the Ignition 8 Gateway (versions prior to 8.0.10), causing a denial-of-service condition.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.5%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2020-10641
-
cpe:2.3:a:inductiveautomation:ignition_gateway:8.0
-
cpe:2.3:a:inductiveautomation:ignition_gateway:8.0.1
-
cpe:2.3:a:inductiveautomation:ignition_gateway:8.0.2
-
cpe:2.3:a:inductiveautomation:ignition_gateway:8.0.3
-
cpe:2.3:a:inductiveautomation:ignition_gateway:8.0.4
-
cpe:2.3:a:inductiveautomation:ignition_gateway:8.0.5
-
cpe:2.3:a:inductiveautomation:ignition_gateway:8.0.6
-
cpe:2.3:a:inductiveautomation:ignition_gateway:8.0.7
-
cpe:2.3:a:inductiveautomation:ignition_gateway:8.0.8
-
cpe:2.3:a:inductiveautomation:ignition_gateway:8.0.9