GCVE - cpe:2.3:a:aveva:historian:2020:-:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:aveva:historian:2020:-:*:*:*:*:*:*

part: a version: 2020 update: -

Vendor	Aveva (`419325dd-398d-5d8e-98c9-e41c800a541d`)
Product	Historian (`62771e62-185c-5a0c-b263-b073df327985`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-6456`	vulnerable	2026-06-03 14:58:03.228016	SQL Injection vulnerability in AVEVA Historian Server AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL. Published: 2024-08-15T20:10:58.586Z Updated: 2024-08-16T13:32:49.662Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-24-228-10	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-34982`	vulnerable	2026-06-03 14:52:17.503864	AVEVA Operations Control Logger External Control of File Name or Path MEDIUM (5.5) This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service. Published: 2023-11-15T16:28:35.183Z Updated: 2024-08-02T16:17:04.179Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01 https://www.aveva.com/en/support-and-success/cyber-security-updates/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-33873`	vulnerable	2026-06-03 14:52:14.854853	AVEVA Operations Control Logger Execution with Unnecessary Privileges HIGH (7.8) This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine. Published: 2023-11-15T16:22:31.927Z Updated: 2024-11-21T20:10:00.423Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01 https://www.aveva.com/en/support-and-success/cyber-security-updates/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.