HIGH
Sauter Controls
CVE published 2017-02-13
CVE-2016-10224
CVE-2016-10224 describes a weakness in Sauter NovaWeb web HMI where a protection mechanism depends on a cookie, but the application does not properly verify that the cookie is valid for the associated user. In practical terms, this is an access-control and authentication-strength issue: if the cookie is accepted without sufficient user binding, the protection can be undermined. NVD classifies the issue as [truncated]