CVE-2018-8841

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an improper privilege management vulnerability may allow an authenticated user to modify files when read access should only be given to the user.

Published : 2018-05-15 22:29 Updated : 2019-10-09 23:42

4.6
CVSS Score More info
Score 4.6 / 10
4.6
Vendor Product Version URI
Advantech Webaccess 8.2_20170817 cpe:/a:advantech:webaccess:8.2_20170817
Advantech Webaccess 8.3.0 cpe:/a:advantech:webaccess:8.3.0
Advantech Webaccess%2fnms 2.0.3 cpe:/a:advantech:webaccess%2fnms:2.0.3
Advantech Webaccess Dashboard 2.0.15 cpe:/a:advantech:webaccess_dashboard:2.0.15
  1. Advantech (3) Search CVE
    1. Webaccess%2fnms (1) Search CVE
      1. 2.0.3
    2. Webaccess Dashboard (1) Search CVE
      1. 2.0.15
    3. Webaccess (2) Search CVE
      1. 8.2_20170817
      2. 8.3.0

CWE

ID Name Description Links
CWE-269 Improper Privilege Management The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. CVE

History of changes

Date Event
2019-10-03 00:03
2018-06-18 14:34
2018-05-18 01:29
2018-05-15 22:29

New CVE