Incorrect access control in the /api/License/deactivateOffline endpoint of CAXPerts UniversalPlantViewer WebServices Server v2.7.6 allows authenticated attackers with low-level privileges to cause a Denial of Service (DoS) via removing the license from the webserver.
Project Subscriptions
No data.
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Tue, 14 Jul 2026 22:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Incorrect access control in the /api/License/deactivateOffline endpoint of CAXPerts UniversalPlantViewer WebServices Server v2.7.6 allows authenticated attackers with low-level privileges to cause a Denial of Service (DoS) via removing the license from the webserver. | |
| References |
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-07-14T22:33:10.686Z
Reserved: 2026-04-06T00:00:00.000Z
Link: CVE-2026-36035
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses
No weakness.