Vulnerability Description
In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an information exposure vulnerability through directory listing has been identified, which may allow an attacker to find important files that are not normally visible.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Advantech | Webaccess | <= 8.2_20170817 |
| Advantech | Webaccess Dashboard | <= 2.0.15 |
| Advantech | Webaccess Scada | < 8.3.1 |
| Advantech | Webaccess\/Nms | <= 2.0.3 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/104190Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/104190Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2018-10590?
CVE-2018-10590 is a vulnerability with a CVSS score of 7.5 (HIGH). In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAcce...
How severe is CVE-2018-10590?
CVE-2018-10590 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-10590?
Check the references section above for vendor advisories and patch information. Affected products include: Advantech Webaccess, Advantech Webaccess Dashboard, Advantech Webaccess Scada, Advantech Webaccess\/Nms.