VYPR

Aurora Vision

by Fimer

CVEs (2)

  • CVE-2021-33209MedNov 3, 2021
    risk 0.35cvss 5.3epss 0.01

    An issue was discovered in Fimer Aurora Vision before 2.97.10. The response to a failed login attempt discloses whether the username or password is wrong, helping an attacker to enumerate usernames. This can make a brute-force attack easier.

  • CVE-2021-33210MedNov 3, 2021
    risk 0.28cvss 4.3epss 0.01

    An issue was discovered in Fimer Aurora Vision before 2.97.10. An attacker can (in the WebUI) obtain plant information without authentication by reading the response of APIs from a kiosk view of a plant.