CVE-2014-2731
https://notcve.org/view.php?id=CVE-2014-2731
Multiple unspecified vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to execute arbitrary code via HTTP traffic to port (1) 4999 or (2) 80. Múltiples vulnerabilidades no especificadas en el servidor web integrado en el servidor Siemens SINEMA anterior a 12 SP1 permiten a atacantes remotos ejecutar código arbitrario a través de trafico HTTP hacia puerto (1) 4999 o (2) 80. • http://ics-cert.us-cert.gov/advisories/ICSA-14-107-01 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-364879.pdf •
CVE-2014-2733
https://notcve.org/view.php?id=CVE-2014-2733
Siemens SINEMA Server before 12 SP1 allows remote attackers to cause a denial of service (web-interface outage) via crafted HTTP requests to port (1) 4999 or (2) 80. El servidor Siemens SINEMA anterior a 12 SP1 permite a atacantes remotos causar una denegación de servicio (interrupción de interfaz web) a través de solicitudes HTTP manipuladas hacia puerto (1) 4999 o (2) 80. • http://ics-cert.us-cert.gov/advisories/ICSA-14-107-01 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-364879.pdf • CWE-20: Improper Input Validation •