Siemens

Sinema Remote Connect Server

69 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.3

CVE-2024-39867

  • EPSS 0.28%
  • Veröffentlicht 09.07.2024 12:15:17
  • Zuletzt bearbeitet 21.11.2024 09:28:27

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected devices do not properly validate the authentication when performing certain actions in the web interface allowing an unauthenticated attacker to a...

8.8

CVE-2024-39866

  • EPSS 0.21%
  • Veröffentlicht 09.07.2024 12:15:17
  • Zuletzt bearbeitet 21.11.2024 09:28:27

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows users to upload encrypted backup files. This could allow an attacker with access to the backup encryption key and with the ...

8.8

CVE-2024-39865

  • EPSS 8.05%
  • Veröffentlicht 09.07.2024 12:15:17
  • Zuletzt bearbeitet 21.11.2024 09:28:27

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows users to upload encrypted backup files. As part of this backup, files can be restored without correctly checking the path o...

8.8

CVE-2024-39571

  • EPSS 1.15%
  • Veröffentlicht 09.07.2024 12:15:16
  • Zuletzt bearbeitet 21.11.2024 09:28:02

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Affected applications are vulnerable to command injection due to missing server side input sanitation when loading SNMP configurations. This could allow an...

8.8

CVE-2024-39570

  • EPSS 1.92%
  • Veröffentlicht 09.07.2024 12:15:16
  • Zuletzt bearbeitet 21.11.2024 09:28:02

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Affected applications are vulnerable to command injection due to missing server side input sanitation when loading VxLAN configurations. This could allow a...

9.8

CVE-2022-32257

  • EPSS 0.45%
  • Veröffentlicht 12.03.2024 11:15:45
  • Zuletzt bearbeitet 21.11.2024 07:06:02

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to unauthorized access to resour...

9.8

CVE-2022-32262

  • EPSS 2.15%
  • Veröffentlicht 14.06.2022 10:15:21
  • Zuletzt bearbeitet 21.11.2024 07:06:03

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a file upload server that is vulnerable to command injection. An attacker could use this to achieve arbitrary code execution.

7.5

CVE-2022-32258

  • EPSS 0.26%
  • Veröffentlicht 14.06.2022 10:15:21
  • Zuletzt bearbeitet 21.11.2024 07:06:02

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains an older feature that allows to import device configurations via a specific endpoint. An attacker could use this vulnerabilit...

6.5

CVE-2022-32259

  • EPSS 0.19%
  • Veröffentlicht 14.06.2022 10:15:21
  • Zuletzt bearbeitet 21.11.2024 07:06:02

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The system images for installation or update of the affected application contain unit test scripts with sensitive information. An attacker could gain informati...

9.8

CVE-2022-32260

  • EPSS 0.1%
  • Veröffentlicht 14.06.2022 10:15:21
  • Zuletzt bearbeitet 21.11.2024 07:06:02

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application creates temporary user credentials for UMC (User Management Component) users. An attacker could use these temporary credentials fo...