Siemens

Sipass Integrated

16 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.4

CVE-2025-40774

  • EPSS 0.02%
  • Veröffentlicht 14.10.2025 09:15:21
  • Zuletzt bearbeitet 16.10.2025 14:09:09

A vulnerability has been identified in SiPass integrated (All versions < V3.0). Affected server applications store user passwords encrypted in its database. Decryption keys are accessible to users with administrative privileges, allowing them to reco...

5.3

CVE-2025-40773

  • EPSS 0.05%
  • Veröffentlicht 14.10.2025 09:15:19
  • Zuletzt bearbeitet 16.10.2025 15:01:12

A vulnerability has been identified in SiPass integrated (All versions < V3.0). Affected server applications contains a broken access control vulnerability. The authorization mechanism lacks sufficient server-side checks, allowing an attacker to exec...

6.1

CVE-2025-40772

  • EPSS 0.06%
  • Veröffentlicht 14.10.2025 09:15:18
  • Zuletzt bearbeitet 16.10.2025 15:02:58

A vulnerability has been identified in SiPass integrated (All versions < V3.0). Affected server applications are vulnerable to stored Cross-Site Scripting (XSS), allowing an attacker to inject malicious code that can be executed by other users when t...

7.5

CVE-2022-31812

  • EPSS 0.14%
  • Veröffentlicht 23.05.2025 15:03:39
  • Zuletzt bearbeitet 22.08.2025 19:37:02

A vulnerability has been identified in SiPass integrated (All versions < V2.95.3.18). Affected server applications contain an out of bounds read past the end of an allocated buffer while checking the integrity of incoming packets. This could allow an...

7.5

CVE-2022-31810

  • EPSS 0.35%
  • Veröffentlicht 11.07.2023 10:15:10
  • Zuletzt bearbeitet 21.11.2024 07:05:22

A vulnerability has been identified in SiPass integrated (All versions < V2.90.3.8). Affected server applications improperly check the size of data packets received for the configuration client login, causing a stack-based buffer overflow. This co...

9.8

CVE-2022-22965

Warnung Exploit
  • EPSS 94.44%
  • Veröffentlicht 01.04.2022 23:15:13
  • Zuletzt bearbeitet 30.10.2025 19:56:43

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Sp...

9

CVE-2021-45046

Warnung
  • EPSS 94.34%
  • Veröffentlicht 14.12.2021 19:15:07
  • Zuletzt bearbeitet 27.10.2025 17:35:56

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a n...

7.5

CVE-2021-44522

  • EPSS 0.43%
  • Veröffentlicht 14.12.2021 12:15:12
  • Zuletzt bearbeitet 21.11.2024 06:31:09

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.28...

9.1

CVE-2021-44523

  • EPSS 0.42%
  • Veröffentlicht 14.12.2021 12:15:12
  • Zuletzt bearbeitet 21.11.2024 06:31:09

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.28...

9.8

CVE-2021-44524

  • EPSS 0.58%
  • Veröffentlicht 14.12.2021 12:15:12
  • Zuletzt bearbeitet 21.11.2024 06:31:09

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.28...