Siemens

Sinema Remote Connect Server

71 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.1

CVE-2021-20093

Exploit
  • EPSS 8.2%
  • Veröffentlicht 16.06.2021 12:15:12
  • Zuletzt bearbeitet 21.11.2024 05:45:54

A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to disclose heap memory contents or crash the CodeMeter Runtime Server.

8.8

CVE-2020-25240

  • EPSS 0.34%
  • Veröffentlicht 15.03.2021 17:15:20
  • Zuletzt bearbeitet 21.11.2024 05:17:44

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). Unpriviledged users can access services when guessing the url. An attacker could impact availability, integrity and gain information from logs and templates of...

8.8

CVE-2020-25239

  • EPSS 0.34%
  • Veröffentlicht 15.03.2021 17:15:19
  • Zuletzt bearbeitet 21.11.2024 05:17:44

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a...

7.5

CVE-2020-7595

  • EPSS 0.47%
  • Veröffentlicht 21.01.2020 23:15:13
  • Zuletzt bearbeitet 03.12.2025 16:15:54

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.

7.5

CVE-2019-19956

  • EPSS 0.15%
  • Veröffentlicht 24.12.2019 16:15:11
  • Zuletzt bearbeitet 03.12.2025 19:15:50

xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.

4

CVE-2019-13922

  • EPSS 0.1%
  • Veröffentlicht 13.09.2019 17:15:11
  • Zuletzt bearbeitet 21.11.2024 04:25:42

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). An attacker with administrative privileges can obtain the hash of a connected device's password. The security vulnerability could be exploited by an attack...

4.3

CVE-2019-13920

  • EPSS 0.12%
  • Veröffentlicht 13.09.2019 17:15:11
  • Zuletzt bearbeitet 21.11.2024 04:25:42

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). Some parts of the web application are not protected against Cross Site Request Forgery (CSRF) attacks. The security vulnerability could be exploited by an ...

4.3

CVE-2019-13919

  • EPSS 0.15%
  • Veröffentlicht 13.09.2019 17:15:11
  • Zuletzt bearbeitet 21.11.2024 04:25:41

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). Some pages that should only be accessible by a privileged user can also be accessed by a non-privileged user. The security vulnerability could be exploited...

9.8

CVE-2019-13918

  • EPSS 0.48%
  • Veröffentlicht 13.09.2019 17:15:11
  • Zuletzt bearbeitet 21.11.2024 04:25:41

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). The web interface has no means to prevent password guessing attacks. The vulnerability could be exploited by an attacker with network access to the vulnera...

9

CVE-2019-6570

  • EPSS 0.24%
  • Veröffentlicht 17.04.2019 14:29:03
  • Zuletzt bearbeitet 21.11.2024 04:46:43

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. An attacker must have access to a low privile...