CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5848
https://notcve.org/view.php?id=CVE-2016-5848
Siemens SICAM PAS before 8.07 does not properly restrict password data in the database, which makes it easier for local users to calculate passwords by leveraging unspecified database privileges. Siemens SICAM PAS en versiones anteriores a 8.07 no restringe adecuadamente datos de contraseña en la base de datos, lo que facilita a usuarios locales calcular contraseñas aprovechando privilegios de base de datos no especificados. • http://www.securityfocus.com/bid/91525 http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-444217.pdf https://ics-cert.us-cert.gov/advisories/ICSA-16-182-02 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-255: Credentials Management Errors •
CVSS: 2.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5849
https://notcve.org/view.php?id=CVE-2016-5849
Siemens SICAM PAS through 8.07 allows local users to obtain sensitive configuration information by leveraging database stoppage. Siemens SICAM PAS hasta la versión 8.07 permite a usuarios locales obtener información sensible de configuración aprovechando la paralización de la base de datos. • http://www.securityfocus.com/bid/91525 http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-444217.pdf https://ics-cert.us-cert.gov/advisories/ICSA-16-182-02 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •