Openautomationsoftware Oas Platform
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Openautomationsoftware Oas Platform.
By the Year
In 2026 there have been 0 vulnerabilities in Openautomationsoftware Oas Platform. Oas Platform did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 3 | 4.90 |
| 2023 | 8 | 6.89 |
| 2022 | 8 | 8.03 |
It may take a day or so for new Oas Platform vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Openautomationsoftware Oas Platform Security Vulnerabilities
Arbitrary File Write via OAS Engine Save Security Config v19.00.0057
CVE-2024-22178
4.9 - Medium
- April 03, 2024
A file write vulnerability exists in the OAS Engine Save Security Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability.
External Control of File Name or Path
Arbitrary File Write via OAS Engine Tags Config on OAS Platform V19.00.0057
CVE-2024-21870
4.9 - Medium
- April 03, 2024
A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability.
External Control of File Name or Path
Impr. Input Validation in OAS Platform V19.00.0057 User Config
CVE-2024-27201
4.9 - Medium
- April 03, 2024
An improper input validation vulnerability exists in the OAS Engine User Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to unexpected data in the configuration. An attacker can send a sequence of requests to trigger this vulnerability.
Improper Input Validation
Auth bypass OAS Platform v18.00.0072 OAS Engine
CVE-2023-34998
8.1 - High
- September 05, 2023
An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary authentication. An attacker can sniff network traffic to trigger this vulnerability.
authentification
Auth Bypass in Open Automation OAS Engine v18.00.0072
CVE-2023-31242
9.8 - Critical
- September 05, 2023
An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially-crafted series of network requests can lead to arbitrary authentication. An attacker can send a sequence of requests to trigger this vulnerability.
authentification
OAS Platform v18.00.0072 Info Disclosure via ConfigMgmt
CVE-2023-32271
6.5 - Medium
- September 05, 2023
An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to a disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability.
Information Disclosure
Open Automation OAS Platform v18.00.0072 Arbitrary File Write (CVE-2023-32615)
CVE-2023-32615
8.1 - High
- September 05, 2023
A file write vulnerability exists in the OAS Engine configuration functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability.
Externally Controlled Reference to a Resource in Another Sphere
Input Validation Flaw in OAS Platform 18.00.0072 Allowing Untrusted Config Injection
CVE-2023-34317
6.5 - Medium
- September 05, 2023
An improper input validation vulnerability exists in the OAS Engine User Creation functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to unexpected data in the configuration. An attacker can send a sequence of requests to trigger this vulnerability.
Improper Input Validation
Auth Bypass in OAS Platform v18.00.0072 Engine
CVE-2023-34353
7.5 - High
- September 05, 2023
An authentication bypass vulnerability exists in the OAS Engine authentication functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted network sniffing can lead to decryption of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.
Use of Insufficiently Random Values
Resource Allocation in OAS Platform v18.00.0072 Enables Arbitrary Directory Creation
CVE-2023-34994
4.3 - Medium
- September 05, 2023
An improper resource allocation vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to creation of an arbitrary directory. An attacker can send a sequence of requests to trigger this vulnerability.
Allocation of Resources Without Limits or Throttling
Info Disclosure via OAS Engine Config (OAS 18.00.0072)
CVE-2023-35124
4.3 - Medium
- September 05, 2023
An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to a disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability.
Generation of Error Message Containing Sensitive Information
An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality of Open Automation Software OAS Platform V16.00.0112
CVE-2022-27169
7.5 - High
- May 25, 2022
An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to a disclosure of sensitive information. An attacker can send a network request to trigger this vulnerability.
Missing Authentication for Critical Function
A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112
CVE-2022-26026
7.5 - High
- May 25, 2022
A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to loss of communications. An attacker can send a network request to trigger this vulnerability.
Missing Authentication for Critical Function
An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality of Open Automation Software OAS Platform V16.00.0112
CVE-2022-26043
7.5 - High
- May 25, 2022
An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of a custom Security Group. An attacker can send a sequence of requests to trigger this vulnerability.
Missing Authentication for Critical Function
An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112
CVE-2022-26067
7.5 - High
- May 25, 2022
An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to arbitrary file read. An attacker can send a sequence of requests to trigger this vulnerability.
Missing Authentication for Critical Function
A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112
CVE-2022-26077
7.5 - High
- May 25, 2022
A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. A targeted network sniffing attack can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.
Cleartext Transmission of Sensitive Information
A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112
CVE-2022-26082
9.8 - Critical
- May 25, 2022
A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.
Missing Authentication for Critical Function
An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.00.0112
CVE-2022-26303
7.5 - High
- May 25, 2022
An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of an OAS user account. An attacker can send a sequence of requests to trigger this vulnerability.
Missing Authentication for Critical Function
An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121
CVE-2022-26833
9.4 - Critical
- May 25, 2022
An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this vulnerability.
Missing Authentication for Critical Function
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Openautomationsoftware Oas Platform or by Openautomationsoftware? Click the Watch button to subscribe.
