CVE-2026-1694

EUVD-2026-8838
HTTP headers are added by the default configuration of IIS and ASP.net, and are not removed at the deployment phase of the webservices used by the WebVue, WebScheduler, TouchVue and SnapVue features of PcVue in version 12.0.0 through 16.3.3 included. It unnecessarily exposes sensitive information about the server configuration.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
arcinformatiquepcvue
12.0.0 ≤
𝑥
≤ 15.2.13
arcinformatiquepcvue
16.0.0 ≤
𝑥
< 16.3.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.pcvue.com/security/#SB2026-2