Siemens

Sinec Traffic Analyzer

17 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7

CVE-2025-40770

  • EPSS 0.02%
  • Veröffentlicht 12.08.2025 11:17:21
  • Zuletzt bearbeitet 20.08.2025 20:56:50

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions). The affected application uses a monitoring interface that is not operating in a strictly passive mode. This could allow an attacker to interact with th...

7.4

CVE-2025-40769

  • EPSS 0.02%
  • Veröffentlicht 12.08.2025 11:17:19
  • Zuletzt bearbeitet 12.08.2025 14:25:33

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application uses a Content Security Policy that allows unsafe script execution methods. This could allow an attacker to execute una...

7.8

CVE-2025-40768

  • EPSS 0.02%
  • Veröffentlicht 12.08.2025 11:17:18
  • Zuletzt bearbeitet 15.08.2025 18:25:57

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application exposes an internal service port to be accessible from outside the system. This could allow an unauthorized attacker to...

7.8

CVE-2025-40767

  • EPSS 0.02%
  • Veröffentlicht 12.08.2025 11:17:17
  • Zuletzt bearbeitet 15.08.2025 18:22:56

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate security controls to enforce isolation. This could allow an attacker to gain el...

5.5

CVE-2025-40766

  • EPSS 0.02%
  • Veröffentlicht 12.08.2025 11:17:15
  • Zuletzt bearbeitet 15.08.2025 17:58:06

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate resource and security limitations. This could allow an attacker to perform a de...

7.5

CVE-2024-41904

  • EPSS 0.44%
  • Veröffentlicht 13.08.2024 08:15:13
  • Zuletzt bearbeitet 14.08.2024 18:39:32

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application do not properly enforce restriction of excessive authentication attempts. This could allow an unauthenticated attacker...

5.4

CVE-2024-41907

  • EPSS 0.3%
  • Veröffentlicht 13.08.2024 08:15:13
  • Zuletzt bearbeitet 14.08.2024 18:06:56

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application is missing general HTTP security headers in the web server. This could allow an attacker to make the servers more prone...

6.5

CVE-2024-41906

  • EPSS 0.26%
  • Veröffentlicht 13.08.2024 08:15:13
  • Zuletzt bearbeitet 14.08.2024 18:04:32

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application does not properly handle cacheable HTTP responses in the web service. This could allow an attacker to read and modify d...

6.5

CVE-2024-41905

  • EPSS 0.3%
  • Veröffentlicht 13.08.2024 08:15:13
  • Zuletzt bearbeitet 14.08.2024 18:03:07

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application do not have access control for accessing the files. This could allow an authenticated attacker with low privilege's to ...

7.2

CVE-2024-41903

  • EPSS 0.27%
  • Veröffentlicht 13.08.2024 08:15:12
  • Zuletzt bearbeitet 14.08.2024 18:39:21

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application mounts the container's root filesystem with read and write privileges. This could allow an attacker to alter the contai...