ThingWorx Platform
by Ptc
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-17217 | Hig | 0.49 | 7.5 | 0.01 | Oct 1, 2018 | An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is a hardcoded encryption key. | ||
| CVE-2018-17216 | Med | 0.42 | 6.5 | 0.01 | Oct 1, 2018 | An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is password hash exposure to privileged users. | ||
| CVE-2018-17218 | Med | 0.35 | 5.4 | 0.01 | Oct 1, 2018 | An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is reflected XSS in the SQUEAL search function. | ||
| CVE-2018-20092 | 0.00 | — | 0.02 | Dec 17, 2018 | PTC ThingWorx Platform through 8.3.0 is vulnerable to a directory traversal attack on ZIP files via a POST request. |
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is a hardcoded encryption key.
- risk 0.42cvss 6.5epss 0.01
An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is password hash exposure to privileged users.
- risk 0.35cvss 5.4epss 0.01
An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is reflected XSS in the SQUEAL search function.
- CVE-2018-20092Dec 17, 2018risk 0.00cvss —epss 0.02
PTC ThingWorx Platform through 8.3.0 is vulnerable to a directory traversal attack on ZIP files via a POST request.