siemens sinema server vulnerabilities and exploits

(subscribe to this query)

9

CVSSv2

A vulnerability has been identified in SINEMA Server (All versions < V14.0 SP2 Update 1). Incorrect session validation could allow an attacker with a valid session, with low privileges, to perform firmware updates and other administrative operations on connected devices. The s...

Siemens Sinema Server Siemens Sinema Server 14.0

5

CVSSv2

A vulnerability has been identified in SINEMA Server (All versions < V14 SP3). Missing authentication for functionality that requires administrative user identity could allow an malicious user to obtain encoded system configuration backup files. This is only possible through n...

Siemens Sinema Server Siemens Sinema Server 14.0

3.3

CVSSv2

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The status provided by the syslog clients managed by the affected software can be manipulated by an unauthenticated attacker in the same network of the affected system.

Siemens Sinema Remote Connect Server Siemens Sinema Remote Connect Server 3.0

3.3

CVSSv2

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The affected software has an information disclosure vulnerability that could allow an malicious user to retrieve a list of network devices a known user can manage.

Siemens Sinema Remote Connect Server Siemens Sinema Remote Connect Server 3.0

3.3

CVSSv2

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). An unauthenticated attacker in the same network of the affected system could manipulate certain parameters and set a valid user of the affected software as invalid (or vice-versa).

Siemens Sinema Remote Connect Server Siemens Sinema Remote Connect Server 3.0

7.5

CVSSv2

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). The web interface has no means to prevent password guessing attacks. The vulnerability could be exploited by an attacker with network access to the vulnerable software, requiring no ...

Siemens Sinema Remote Connect Server 2.0 Siemens Sinema Remote Connect Server

4

CVSSv2

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). Some pages that should only be accessible by a privileged user can also be accessed by a non-privileged user. The security vulnerability could be exploited by an attacker with networ...

Siemens Sinema Remote Connect Server Siemens Sinema Remote Connect Server 2.0

4.3

CVSSv2

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). Some parts of the web application are not protected against Cross Site Request Forgery (CSRF) attacks. The security vulnerability could be exploited by an attacker that is able to tr...

Siemens Sinema Remote Connect Server Siemens Sinema Remote Connect Server 2.0

4

CVSSv2

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). An attacker with administrative privileges can obtain the hash of a connected device's password. The security vulnerability could be exploited by an attacker with network access...

Siemens Sinema Remote Connect Server Siemens Sinema Remote Connect Server 2.0

4.3

CVSSv2

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). Affected application is missing general HTTP security headers in the web server configured on port 443. This could aid attackers by making the servers more prone to clickjacking, cha...

Siemens Sinema Remote Connect Server Siemens Sinema Remote Connect Server 3.0

Get Started

1 2 3 4 5 6 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook