VYPR

Factorytalk Energrymetrix

by Rockwellautomation

CVEs (2)

  • CVE-2016-4522CriJul 28, 2016
    risk 0.64cvss 9.8epss 0.06

    SQL injection vulnerability in Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2016-4531HigJul 28, 2016
    risk 0.48cvss 7.3epss 0.08

    Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon a logout action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.