Fimer: Security Vulnerabilities
An issue was discovered in Fimer Aurora Vision before 2.97.10. The response to a failed login attempt discloses whether the username or password is wrong, helping an attacker to enumerate usernames. This can make a brute-force attack easier.
CVSS Score
5.3
EPSS Score
0.002
Published
2021-11-03
An issue was discovered in Fimer Aurora Vision before 2.97.10. An attacker can (in the WebUI) obtain plant information without authentication by reading the response of APIs from a kiosk view of a plant.
CVSS Score
4.3
EPSS Score
0.002
Published
2021-11-03