Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
siemens sinec nms vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2021-33728
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). The affected system allows to upload JSON objects that are deserialized to JAVA objects. Due to insecure deserialization of user-supplied content by the affected software, a privileged attacke...
Siemens Sinec Nms
Siemens Sinec Nms 1.0
9
CVSSv2
CVE-2021-33721
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2). The affected application incorrectly neutralizes special elements when creating batch operations which could lead to command injection. An authenticated remote attacker with administrative privileges c...
Siemens Sinec Network Management System
Siemens Sinec Network Management System 1.0
8.5
CVSSv2
CVE-2021-42550
In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.
Qos Logback 1.3.0
Qos Logback
Redhat Satellite 6.0
Netapp Snap Creator Framework -
Netapp Service Level Manager -
Netapp Cloud Manager -
Siemens Sinec Nms
7 Github repositories
7.8
CVSSv2
CVE-2019-6575
A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.7), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants) (All versions < V1...
Siemens Simatic Cp443-1 Opc Ua Firmware
Siemens Simatic Et 200 Open Controller Cpu 1515sp Pc2 Firmware
Siemens Simatic Ipc Diagmonitor Firmware
Siemens Simatic Net Pc Software Firmware
Siemens Simatic Rf188c Firmware
Siemens Simatic Rf600r Firmware
Siemens Simatic S7-1500 Firmware
Siemens Sinumerik Opc Ua Server
Siemens Simatic Wincc Oa
Siemens Simatic Wincc Runtime Advanced
Siemens Simatic Wincc Runtime Comfort
Siemens Simatic Wincc Runtime Hsp Comfort
Siemens Simatic Wincc Runtime Mobile
Siemens Sinema Server
Siemens Simatic S7-1500 Software Controller
Siemens Opc Unified Architecture
Siemens Sinec-nms 1.0
Siemens Telecontrol Server Basic
Siemens Sinec-nms
Siemens Simatic S7-1500f Firmware
Siemens Simatic S7-1500s Firmware
Siemens Simatic S7-1500t Firmware
7.5
CVSSv2
CVE-2021-39275
ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and previous versions.
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Cloud Backup -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
Oracle Http Server 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Server 14.0
Siemens Sinec Nms
7.2
CVSSv2
CVE-2020-7580
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All...
Siemens Simatic Pcs 7
Siemens Simatic Wincc 7.4
Siemens Simatic Wincc Runtime Advanced
Siemens Sinema Server
Siemens Simatic Net Pc 16
Siemens Simatic Net Pc
Siemens Simatic Prosave
Siemens Simatic Pcs Neo
Siemens Simatic Automatic Tool
Siemens Simatic Step 7 5.6
Siemens Simatic Step 7
Siemens Simatic Wincc Open Architecture 3.17
Siemens Simatic Wincc Open Architecture 3.16
Siemens Sinumerik Operate
Siemens Sinumerik One Virtual
Siemens Sinec Network Management System
Siemens Sinamics Startdrive
Siemens Sinamics Starter Commissioning Tool
Siemens Simatic Wincc 7.5
Siemens Simatic Wincc
Siemens Simatic Wincc Runtime Professional
Siemens Simatic S7-1500 Software Controller
6.8
CVSSv2
CVE-2021-40438
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and previous versions.
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Cloud Backup -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
F5 F5os
Oracle Http Server 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Http Server 12.2.1.4.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Secure Global Desktop 5.6
Siemens Sinema Server 14.0
Siemens Sinec Nms
14 Github repositories
6.8
CVSSv2
CVE-2021-37201
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1). The web interface of affected devices is vulnerable to a Cross-Site Request Forgery (CSRF) attack. This could allow an malicious user to manipulate the SINEC NMS configuration by tricking an unsuspecti...
Siemens Sinec Network Management System
Siemens Sinec Network Management System 1.0
6.5
CVSSv2
CVE-2022-24281
A vulnerability has been identified in SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). A privileged authenticated attacker could execute arbitrary commands in the local database by sending specially crafted requests to the webserver of the affected applica...
Siemens Sinec Network Management System
6.5
CVSSv2
CVE-2022-24282
A vulnerability has been identified in SINEC NMS (All versions >= V1.0.3 < V2.0), SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). The affected system allows to upload JSON objects that are deserialized to Java objects. Due to insecure deserialization...
Siemens Sinec Network Management System
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »