📦

ignition

Vendor: inductiveautomation

Actively Exploited 0 CISA KEV List

PoC / Exploits 1 Code Available

Total RCEs 22 Remote Access

Total CVEs 47 Total Indexed

Avg. EPSS 8.39% Exploit Prob.

Latest CVE CVE-2025-13913 Mar 12

Security Vulnerability Index

Page 4 / 5

4.0 CVSS

CVE-2015-0994

Inductive Automation Ignition 7.7.2 allows remote authenticated users to bypass a brute-force protection mechanism by using different session ID values in a series of HTTP requests.

EPSS: 0.25%

Severity: MEDIUM

Apr 03, 2015

6.4 CVSS

CVE-2015-0993

Inductive Automation Ignition 7.7.2 does not terminate a session upon a logout action, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.

EPSS: 0.27%

Severity: MEDIUM

Apr 03, 2015

2.1 CVSS

CVE-2015-0992

Inductive Automation Ignition 7.7.2 stores cleartext OPC Server credentials, which allows local users to obtain sensitive information via unspecified vectors.

EPSS: 0.06%

Severity: LOW

Apr 03, 2015

5.0 CVSS

CVE-2015-0991

Inductive Automation Ignition 7.7.2 allows remote attackers to obtain sensitive information by reading an error message about an unhandled exception, as demonstrated by pathname information.

EPSS: 0.53%

Severity: MEDIUM

Apr 03, 2015

4.3 CVSS

CVE-2015-0976

Cross-site scripting (XSS) vulnerability in Inductive Automation Ignition 7.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

EPSS: 0.54%

Severity: MEDIUM

Apr 03, 2015

Displaying 5 of 47 Total Entries

1 2 3 4 5

Total 5 Sections