6.5
CVE-2021-37177
- EPSS 0.1%
- Veröffentlicht 14.09.2021 11:15:25
- Zuletzt bearbeitet 23.04.2025 20:15:29
- Quelle productcert@siemens.com
- CVE-Watchlists
- Unerledigt
LoginA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The status provided by the syslog clients managed by the affected software can be manipulated by an unauthenticated attacker in the same network of the affected system.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Siemens ≫ Sinema Remote Connect Server Version < 3.0
Siemens ≫ Sinema Remote Connect Server Version3.0 Update-
Siemens ≫ Sinema Remote Connect Server Version3.0 Updatesp1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.1% | 0.251 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
|
| nvd@nist.gov | 3.3 | 6.5 | 2.9 |
AV:A/AC:L/Au:N/C:N/I:P/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
|
CWE-471 Modification of Assumed-Immutable Data (MAID)
The product does not properly protect an assumed-immutable element from being modified by an attacker.