Siemens

Sinec Nms

50 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.5

CVE-2021-42550

Exploit
  • EPSS 2.73%
  • Veröffentlicht 16.12.2021 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:27:47

In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.

7.2

CVE-2021-33731

  • EPSS 0.76%
  • Veröffentlicht 12.10.2021 10:15:12
  • Zuletzt bearbeitet 21.11.2024 06:09:28

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application.

9

CVE-2021-33728

  • EPSS 1.99%
  • Veröffentlicht 12.10.2021 10:15:12
  • Zuletzt bearbeitet 21.11.2024 06:09:27

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). The affected system allows to upload JSON objects that are deserialized to JAVA objects. Due to insecure deserialization of user-supplied content by the affected sof...

8.8

CVE-2021-33729

  • EPSS 0.8%
  • Veröffentlicht 12.10.2021 10:15:12
  • Zuletzt bearbeitet 21.11.2024 06:09:27

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). An authenticated attacker that is able to import firmware containers to an affected system could execute arbitrary commands in the local database.

7.2

CVE-2021-33730

  • EPSS 0.76%
  • Veröffentlicht 12.10.2021 10:15:12
  • Zuletzt bearbeitet 21.11.2024 06:09:27

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application.

7.2

CVE-2021-33732

  • EPSS 0.76%
  • Veröffentlicht 12.10.2021 10:15:12
  • Zuletzt bearbeitet 21.11.2024 06:09:28

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application.

7.2

CVE-2021-33733

  • EPSS 0.76%
  • Veröffentlicht 12.10.2021 10:15:12
  • Zuletzt bearbeitet 21.11.2024 06:09:28

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application.

7.2

CVE-2021-33734

  • EPSS 0.76%
  • Veröffentlicht 12.10.2021 10:15:12
  • Zuletzt bearbeitet 21.11.2024 06:09:28

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application.

7.2

CVE-2021-33735

  • EPSS 0.64%
  • Veröffentlicht 12.10.2021 10:15:12
  • Zuletzt bearbeitet 21.11.2024 06:09:28

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application.

7.2

CVE-2021-33736

  • EPSS 0.64%
  • Veröffentlicht 12.10.2021 10:15:12
  • Zuletzt bearbeitet 21.11.2024 06:09:28

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application.