Advantech Wise Paasrmm
By the Year
In 2023 there have been 0 vulnerabilities in Advantech Wise Paasrmm . Wise Paasrmm did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 9.10 |
| 2020 | 0 | 0.00 |
| 2019 | 4 | 8.40 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Wise Paasrmm vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Advantech Wise Paasrmm Security Vulnerabilities
The affected product allows attackers to obtain sensitive information from the WISE-PaaS dashboard
CVE-2021-27437
9.1 - Critical
- May 07, 2021
The affected product allows attackers to obtain sensitive information from the WISE-PaaS dashboard. The system contains a hard-coded administrator username and password that can be used to query Grafana APIs. Authentication is not required for exploitation on the WISE-PaaS/RMM (versions prior to 9.0.1).
Use of Hard-coded Credentials
Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior
CVE-2019-18229
6.5 - Medium
- October 31, 2019
Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Lack of sanitization of user-supplied input cause SQL injection vulnerabilities. An attacker can leverage these vulnerabilities to disclose information.
SQL Injection
Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior
CVE-2019-18227
7.5 - High
- October 31, 2019
Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. XXE vulnerabilities exist that may allow disclosure of sensitive data.
XXE
Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior
CVE-2019-13551
9.8 - Critical
- October 31, 2019
Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Path traversal vulnerabilities are caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage these vulnerabilities to remotely execute code while posing as an administrator.
Directory traversal
Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior
CVE-2019-13547
9.8 - Critical
- October 31, 2019
Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. There is an unsecured function that allows anyone who can access the IP address to use the function without authentication.
Missing Authentication for Critical Function
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Advantech Wise Paasrmm or by Advantech? Click the Watch button to subscribe.
