Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2024
CVE-2023-50327
IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to perform unauthorized file request modification. IBM X-Force ID: 275109.
CVSS Score
5.3
EPSS Score
0.0
Published
2024-02-02
CVE-2024-21866
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product responds back with an error message containing sensitive data if it receives a specific malformed request.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-02-02
CVE-2024-21869
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores plaintext credentials in various places. This may allow an attacker with local access to see them.
CVSS Score
6.2
EPSS Score
0.0
Published
2024-02-02
CVE-2024-22016
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write directly to the Scada directory. This may allow privilege escalation.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-02-02
CVE-2024-22096
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path traversal characters to the filename when using a specific command, allowing them to read arbitrary files from the system.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-02-02
CVE-2023-50939
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275129.
CVSS Score
5.9
EPSS Score
0.0
Published
2024-02-02
CVE-2024-21764
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded credentials, which may allow an attacker to connect to a specific port.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-02-02
CVE-2024-21794
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can redirect users to malicious pages through the login page.
CVSS Score
5.4
EPSS Score
0.0
Published
2024-02-02
CVE-2024-23031
Cross Site Scripting (XSS) vulnerability in is_water parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-02-01
CVE-2024-23032
Cross Site Scripting vulnerability in num parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-02-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved