Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Conprosys_hmi_system
(Contec)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 13 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-01-20 | CVE-2023-22334 | Use of password hash instead of password for authentication vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote authenticated attacker to obtain user credentials information via a man-in-the-middle attack. | Conprosys_hmi_system | 5.3 | ||
| 2023-01-30 | CVE-2023-22324 | SQL injection vulnerability in the CONPROSYS HMI System (CHS) Ver.3.5.0 and earlier allows a remote authenticated attacker to execute an arbitrary SQL command. As a result, information stored in the database may be obtained. | Conprosys_hmi_system | 6.5 | ||
| 2023-05-31 | CVE-2023-2758 | A denial of service vulnerability exists in Contec CONPROSYS HMI System versions 3.5.2 and prior. When there is a time-zone mismatch in certain configuration files, a remote, unauthenticated attacker may deny logins for an extended period of time. | Conprosys_hmi_system | 5.3 |