Information Disclosure Vulnerability in Advantech WebAccess SCADA

Information Disclosure Vulnerability in Advantech WebAccess SCADA

CVE-2021-38431 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

An authenticated user using Advantech WebAccess SCADA in versions 9.0.3 and prior can use API functions to disclose project names and paths from other users.

Learn more about our Web App Pen Testing.