Vulnerability Details CVE-2021-32989
When a non-existent resource is requested, the LCDS LAquis SCADA application (version 4.3.1.1011 and prior) returns error messages which may allow reflected cross-site scripting.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.6%
CVSS Severity
CVSS v3 Score 9.3
CVSS v2 Score 4.3
References
Products affected by CVE-2021-32989
-
cpe:2.3:a:lcds:laquis_scada:4.1
-
cpe:2.3:a:lcds:laquis_scada:4.1.0.3391
-
cpe:2.3:a:lcds:laquis_scada:4.1.0.3870
-
cpe:2.3:a:lcds:laquis_scada:4.1.0.4150
-
cpe:2.3:a:lcds:laquis_scada:4.3.1
-
cpe:2.3:a:lcds:laquis_scada:4.3.1.1011