CVE-2023-37482
- EPSS 0.05%
- Veröffentlicht 11.02.2025 11:15:11
- Zuletzt bearbeitet 11.02.2025 11:15:11
The login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated remote attacker could exploit this side-channel information to distinguish between valid and invalid usernames.
CVE-2022-30694
- EPSS 0.19%
- Veröffentlicht 08.11.2022 11:15:10
- Zuletzt bearbeitet 21.11.2024 07:03:11
The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack.
CVE-2022-38465
- EPSS 0.1%
- Veröffentlicht 11.10.2022 11:15:10
- Zuletzt bearbeitet 21.11.2024 07:16:31
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS varia...
CVE-2021-37204
- EPSS 0.7%
- Veröffentlicht 09.02.2022 16:15:13
- Zuletzt bearbeitet 21.11.2024 06:14:51
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), ...
CVE-2021-37205
- EPSS 1.14%
- Veröffentlicht 09.02.2022 16:15:13
- Zuletzt bearbeitet 21.11.2024 06:14:51
A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIP...
CVE-2021-37185
- EPSS 0.7%
- Veröffentlicht 09.02.2022 16:15:12
- Zuletzt bearbeitet 21.11.2024 06:14:48
A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIP...
CVE-2020-28397
- EPSS 0.18%
- Veröffentlicht 10.08.2021 11:15:07
- Zuletzt bearbeitet 21.11.2024 05:22:43
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7 PLCSIM Advanced (All versions > V2 < V4), SIMAT...
CVE-2020-7580
- EPSS 0.05%
- Veröffentlicht 10.06.2020 17:15:12
- Zuletzt bearbeitet 21.11.2024 05:37:24
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3),...
CVE-2019-10943
- EPSS 0.11%
- Veröffentlicht 13.08.2019 19:15:15
- Zuletzt bearbeitet 21.11.2024 04:20:12
A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All...
- EPSS 0.41%
- Veröffentlicht 17.04.2019 14:29:03
- Zuletzt bearbeitet 21.11.2024 04:46:42
The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected device. The security vul...