The specific flaw exists within the processing of URIs by the product's web server. A crafted URI can cause the web service to bypass authentication that should be required for the web page. An attacker can leverage this vulnerability to access system information.
LAquis SCADA has issued an update to correct this vulnerability. More details can be found at:
|Esteban Ruiz (mr_me) of Source Incite