Siemens

Sinema Remote Connect Server

69 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2022-32261

  • EPSS 0.24%
  • Published 14.06.2022 10:15:21
  • Last modified 21.11.2024 07:06:02

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a misconfiguration in the APT update. This could allow an attacker to add insecure packages to the application.

6.5

CVE-2022-32256

  • EPSS 0.2%
  • Published 14.06.2022 10:15:20
  • Last modified 21.11.2024 07:06:02

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to low privileged users accessin...

5.3

CVE-2022-32255

  • EPSS 0.24%
  • Published 14.06.2022 10:15:20
  • Last modified 21.11.2024 07:06:02

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to unauthorized access to limite...

7.5

CVE-2022-32254

  • EPSS 0.29%
  • Published 14.06.2022 10:15:20
  • Last modified 21.11.2024 07:06:01

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A customized HTTP POST request could force the application to write the status of a given user to a log file, exposing sensitive user information that could pr...

7.5

CVE-2022-32253

  • EPSS 0.18%
  • Published 14.06.2022 10:15:20
  • Last modified 21.11.2024 07:06:01

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). Due to improper input validation, the OpenSSL certificate's password could be printed to a file reachable by an attacker.

9.3

CVE-2022-32252

  • EPSS 0.13%
  • Published 14.06.2022 10:15:20
  • Last modified 21.11.2024 07:06:01

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The application does not perform the integrity check of the update packages. Without validation, an admin user might be tricked to install a malicious package,...

9.8

CVE-2022-32251

  • EPSS 0.31%
  • Published 14.06.2022 10:15:20
  • Last modified 21.11.2024 07:06:01

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). There is a missing authentication verification for a resource used to change the roles and permissions of a user. This could allow an attacker to change the pe...

6.1

CVE-2022-29034

Exploit
  • EPSS 7.05%
  • Published 14.06.2022 10:15:20
  • Last modified 21.11.2024 06:58:22

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An error message pop up window in the web interface of the affected application does not prevent injection of JavaScript code. This could allow attackers to...

5.9

CVE-2022-27221

  • EPSS 0.37%
  • Published 14.06.2022 10:15:20
  • Last modified 21.11.2024 06:55:26

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An attacker in machine-in-the-middle could obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HT...

4.3

CVE-2022-27220

  • EPSS 0.18%
  • Published 14.06.2022 10:15:19
  • Last modified 21.11.2024 06:55:26

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). Affected application is missing general HTTP security headers in the web server configured on port 6220. This could aid attackers by making the servers mor...