Description
All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to information exposure allowing a remote, unauthenticated attacker to enumerate valid users.
Scores
CVSS v3
5.3
EPSS
0.0024
EPSS Percentile
46.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-204
CWE-203
Status
published
Products (1)
codesys/visualization
4.0.0.0 - 4.2.0.0
Published
Aug 23, 2022
Tracked Since
Feb 18, 2026