CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-34661
https://notcve.org/view.php?id=CVE-2022-34661
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.5), Teamcenter V14.0 (All versions < V14.0.0.2). File Server Cache service in Teamcenter is vulnerable to denial of service by entering infinite loops and using up CPU cycles. This could allow an attacker to cause denial of service condition. Se ha identificado una vulnerabilidad en Teamcenter V12.4 (Todas las versiones anteriores a V12.4.0.15), Teamcenter V13.0 (Todas las versiones anteriores a V13.0.0.10), Teamcenter V13.1 (Todas las versiones anteriores a V13.1.0.10), Teamcenter V13.2 (Todas las versiones anteriores a V13.2.0.9), Teamcenter V13.3 (Todas las versiones anteriores a V13.3.0.5), Teamcenter V14.0 (Todas las versiones anteriores a V14.0.0.2). El servicio de caché del servidor de archivos en Teamcenter es vulnerable a una denegación de servicio al entrar en bucles infinitos y consumir ciclos de CPU. • https://cert-portal.siemens.com/productcert/pdf/ssa-759952.pdf • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-34660
https://notcve.org/view.php?id=CVE-2022-34660
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.5), Teamcenter V14.0 (All versions < V14.0.0.2). File Server Cache service in Teamcenter consist of a functionality that is vulnerable to command injection. This could potentially allow an attacker to perform remote code execution. Se ha identificado una vulnerabilidad en Teamcenter V12.4 (Todas las versiones anteriores a V12.4.0.15), Teamcenter V13.0 (Todas las versiones anteriores a V13.0.0.10), Teamcenter V13.1 (Todas las versiones anteriores a V13.1.0.10), Teamcenter V13.2 (Todas las versiones anteriores a V13.2.0.9), Teamcenter V13.3 (Todas las versiones anteriores a V13.3.0.5), Teamcenter V14.0 (Todas las versiones anteriores a V14.0.0.2). El servicio File Server Cache en Teamcenter consiste en una funcionalidad que es vulnerable a una inyección de comandos. • https://cert-portal.siemens.com/productcert/pdf/ssa-759952.pdf • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-31619
https://notcve.org/view.php?id=CVE-2022-31619
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions < V13.1.0.9), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions < V14.0.0.2). Java EE Server Manager HTML Adaptor in Teamcenter consists of default hardcoded credentials. Access to the application allows a user to perform a series of actions that could potentially lead to remote code execution with elevated permissions. Se ha identificado una vulnerabilidad en Teamcenter V12.4 (Todas las versiones anteriores a V12.4.0.13), Teamcenter V13.0 (Todas las versiones anteriores a V13.0.0.9), Teamcenter V13.1 (Todas las versiones anteriores a V13.1.0.9), Teamcenter V13.2 (Todas las versiones anteriores a V13.2.0.9), Teamcenter V13.3 (Todas las versiones anteriores a V13.3.0.3), Teamcenter V14.0 (Todas las versiones anteriores a V14.0.0.2). El adaptador HTML de Java EE Server Manager en Teamcenter consta de credenciales predeterminadas codificadas. • https://cert-portal.siemens.com/productcert/pdf/ssa-220589.pdf • CWE-798: Use of Hard-coded Credentials •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-24290
https://notcve.org/view.php?id=CVE-2022-24290
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions), Teamcenter V13.2 (All versions < V13.2.0.8), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions < V14.0.0.2). The tcserver.exe binary in affected applications is vulnerable to a stack overflow condition during the parsing of user input that may lead the binary to crash. Se ha identificado una vulnerabilidad en Teamcenter V12.4 (Todas las versiones anteriores a V12.4.0.13), Teamcenter V13.0 (Todas las versiones anteriores a V13.0.0.9), Teamcenter V13.1 (Todas las versiones), Teamcenter V13.2 (Todas las versiones anteriores a V13.2.0.8), Teamcenter V13.3 (Todas las versiones anteriores a V13.3.0.3), Teamcenter V14.0 (Todas las versiones anteriores a V14.0.0.2). El binario tcserver.exe de las aplicaciones afectadas es vulnerable a una condición de desbordamiento de pila durante el análisis de la entrada del usuario que puede hacer que el binario se bloquee • https://cert-portal.siemens.com/productcert/pdf/ssa-789162.pdf • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 96%CPEs: 398EXPL: 30CVE-2021-44228 – Apache Log4j2 Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-44228
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. • https://github.com/fullhunt/log4j-scan https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words https://github.com/cyberstruggle/L4sh https://github.com/woodpecker-appstore/log4j-payload-generator https://github.com/tangxiaofeng7/apache-log4j-poc https://www.exploit-db.com/exploits/51183 https://www.exploit-db.com/exploits/50592 https://www.exploit-db.com/exploits/50590 https://github.com/logpresso/CVE-2021-44228-Scanner https://github.com/jas502n/Log4j2-CVE-2021-44228 h • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption CWE-502: Deserialization of Untrusted Data CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •