What is the severity of CVE-2018-10590?

CVE-2018-10590 has a moderate severity rating due to information exposure through directory listing.

How do I fix CVE-2018-10590?

To fix CVE-2018-10590, update Advantech WebAccess, WebAccess Dashboard, WebAccess/SCADA, or WebAccess/NMS to the latest versions beyond the affected ones.

What types of vulnerabilities does CVE-2018-10590 represent?

CVE-2018-10590 represents a directory listing vulnerability that leads to information exposure.

Who is affected by CVE-2018-10590?

Organizations using affected versions of Advantech WebAccess products are susceptible to the CVE-2018-10590 vulnerability.

Vulnerability/
CVE-2018-10590

high

7.5

CWE

538 548

15/5/2018

16/9/2024

CVE-2018-10590

Q: What versions are affected by CVE-2018-10590?

CVE-2018-10590 affects Advantech WebAccess versions V8.2_20170817 and prior, V8.3.0 and prior, WebAccess Dashboard versions V2.0.15 and prior, WebAccess/SCADA versions prior to 8.3.1, and WebAccess/NMS versions prior to 2.0.3.

First published: Tue May 15 2018(Updated: )

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an information exposure vulnerability through directory listing has been identified, which may allow an attacker to find important files that are not normally visible.

Credit: ics-cert@hq.dhs.gov

Affected Software	Affected Version	How to fix
Advantech WebOP	<=8.2_20170817
Advantech WebOP	<=8.3.0
Advantech WebAccess Dashboard	<=2.0.15
Advantech WebAccess/SCADA	<8.3.1
Advantech WebAccess/NMS	<=2.0.3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-10590?
CVE-2018-10590 has a moderate severity rating due to information exposure through directory listing.
How do I fix CVE-2018-10590?
To fix CVE-2018-10590, update Advantech WebAccess, WebAccess Dashboard, WebAccess/SCADA, or WebAccess/NMS to the latest versions beyond the affected ones.
What versions are affected by CVE-2018-10590?
CVE-2018-10590 affects Advantech WebAccess versions V8.2_20170817 and prior, V8.3.0 and prior, WebAccess Dashboard versions V2.0.15 and prior, WebAccess/SCADA versions prior to 8.3.1, and WebAccess/NMS versions prior to 2.0.3.
What types of vulnerabilities does CVE-2018-10590 represent?
CVE-2018-10590 represents a directory listing vulnerability that leads to information exposure.
Who is affected by CVE-2018-10590?
Organizations using affected versions of Advantech WebAccess products are susceptible to the CVE-2018-10590 vulnerability.

agent/weakness
agent/references
agent/type
agent/severity
agent/description
agent/author
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/first-publish-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/advantech
canonical/advantech webop
version/advantech webop/8.2_20170817
version/advantech webop/8.3.0
canonical/advantech webaccess dashboard
version/advantech webaccess dashboard/2.0.15
canonical/advantech webaccess/scada
canonical/advantech webaccess/nms
version/advantech webaccess/nms/2.0.3

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.