Skip to main content

Tuxedo Touch

2 CVEs product

Monthly

CVE-2015-2848 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in Honeywell Tuxedo Touch before 5.2.19.0_VA allows remote attackers to hijack the authentication of arbitrary users for requests associated with. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Honeywell Tuxedo Touch
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-2847 MEDIUM This Month

Honeywell Tuxedo Touch before 5.2.19.0_VA relies on client-side authentication involving JavaScript, which allows remote attackers to bypass intended access restrictions by removing USERACCT requests. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Honeywell Authentication Bypass Tuxedo Touch
NVD
CVSS 2.0
5.0
EPSS
0.4%
EPSS 0% CVSS 6.8
MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in Honeywell Tuxedo Touch before 5.2.19.0_VA allows remote attackers to hijack the authentication of arbitrary users for requests associated with. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Honeywell Tuxedo Touch
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

Honeywell Tuxedo Touch before 5.2.19.0_VA relies on client-side authentication involving JavaScript, which allows remote attackers to bypass intended access restrictions by removing USERACCT requests. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Honeywell Authentication Bypass Tuxedo Touch
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy