Advantech WebAccess < 6.0-2008.06.06 Remote Authentication Bypass

Medium Nessus Network Monitor Plugin ID 9951


The detected version of Advantech WebAccess may be affected by a remote authentication bypass attack vector.


The installed version of Advantech WebAccess is prior to 6.0-2008.06.06 and is affected by an unspecified flaw in the Project Manager Login page that may allow a remote attacker to bypass authentication mechanisms. No further details have been provided.


Upgrade to Advantech WebAccess version 6.0-2008.06.06 or later.

See Also

Plugin Details

Severity: Medium

ID: 9951

File Name: 9951.prm

Family: SCADA

Published: 2017/02/14

Modified: 2017/02/14

Dependencies: 9860

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:C


Base Score: 5.3

Temporal Score: 4.9


Temporal Vector: CVSS3#E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:advantech:advantech_webaccess

Patch Publication Date: 2008/06/06

Vulnerability Publication Date: 2008/06/06

Reference Information

OSVDB: 136929