Siemens

Sinema Remote Connect Server

71 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2024-39869

  • EPSS 0.48%
  • Veröffentlicht 09.07.2024 12:15:18
  • Zuletzt bearbeitet 21.11.2024 09:28:27

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected products allow to upload certificates. An authenticated attacker could upload a crafted certificates leading to a permanent denial-of-service situ...

7.8

CVE-2024-39870

  • EPSS 0.24%
  • Veröffentlicht 09.07.2024 12:15:18
  • Zuletzt bearbeitet 21.11.2024 09:28:27

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected applications can be configured to allow users to manage own users. A local authenticated user with this privilege could use this modify users ...

7.3

CVE-2024-39867

  • EPSS 0.39%
  • Veröffentlicht 09.07.2024 12:15:17
  • Zuletzt bearbeitet 21.11.2024 09:28:27

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected devices do not properly validate the authentication when performing certain actions in the web interface allowing an unauthenticated attacker to a...

8.8

CVE-2024-39866

  • EPSS 0.24%
  • Veröffentlicht 09.07.2024 12:15:17
  • Zuletzt bearbeitet 21.11.2024 09:28:27

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows users to upload encrypted backup files. This could allow an attacker with access to the backup encryption key and with the ...

8.8

CVE-2024-39865

  • EPSS 10.55%
  • Veröffentlicht 09.07.2024 12:15:17
  • Zuletzt bearbeitet 21.11.2024 09:28:27

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows users to upload encrypted backup files. As part of this backup, files can be restored without correctly checking the path o...

8.8

CVE-2024-39571

  • EPSS 1.55%
  • Veröffentlicht 09.07.2024 12:15:16
  • Zuletzt bearbeitet 21.11.2024 09:28:02

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Affected applications are vulnerable to command injection due to missing server side input sanitation when loading SNMP configurations. This could allow an...

8.8

CVE-2024-39570

  • EPSS 2.59%
  • Veröffentlicht 09.07.2024 12:15:16
  • Zuletzt bearbeitet 21.11.2024 09:28:02

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Affected applications are vulnerable to command injection due to missing server side input sanitation when loading VxLAN configurations. This could allow a...

9.8

CVE-2022-32257

  • EPSS 0.45%
  • Veröffentlicht 12.03.2024 11:15:45
  • Zuletzt bearbeitet 21.11.2024 07:06:02

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to unauthorized access to resour...

9.8

CVE-2022-32262

  • EPSS 2.15%
  • Veröffentlicht 14.06.2022 10:15:21
  • Zuletzt bearbeitet 21.11.2024 07:06:03

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a file upload server that is vulnerable to command injection. An attacker could use this to achieve arbitrary code execution.

7.5

CVE-2022-32261

  • EPSS 0.24%
  • Veröffentlicht 14.06.2022 10:15:21
  • Zuletzt bearbeitet 21.11.2024 07:06:02

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a misconfiguration in the APT update. This could allow an attacker to add insecure packages to the application.