Security Advisory

CVE-2015-2847

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-07-26 18:00:00

Last updated 2024-08-06 05:24:38

Assigner certcc

State PUBLISHED

Description

Honeywell Tuxedo Touch before 5.2.19.0_VA relies on client-side authentication involving JavaScript, which allows remote attackers to bypass intended access restrictions by removing USERACCT requests from the client-server data stream.

← Browse all CVEs View on cve.org ↗