CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-37193
https://notcve.org/view.php?id=CVE-2021-37193
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). An unauthenticated attacker in the same network of the affected system could manipulate certain parameters and set a valid user of the affected software as invalid (or vice-versa). Se ha identificado una vulnerabilidad en SINEMA Remote Connect Server (Todas las versiones anteriores a V3.0 SP2). Un atacante no autenticado en la misma red del sistema afectado podría manipular determinados parámetros y configurar un usuario válido del software afectado como no válido (o viceversa) • https://cert-portal.siemens.com/productcert/pdf/ssa-334944.pdf • CWE-471: Modification of Assumed-Immutable Data (MAID) •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-37192
https://notcve.org/view.php?id=CVE-2021-37192
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The affected software has an information disclosure vulnerability that could allow an attacker to retrieve a list of network devices a known user can manage. Se ha identificado una vulnerabilidad en SINEMA Remote Connect Server (Todas las versiones anteriores a V3.0 SP2). El software afectado presenta una vulnerabilidad de divulgación de información que podría permitir a un atacante recuperar una lista de dispositivos de red que un usuario conocido puede administrar • https://cert-portal.siemens.com/productcert/pdf/ssa-334944.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-37191
https://notcve.org/view.php?id=CVE-2021-37191
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). An unauthenticated attacker in the same network of the affected system could brute force the usernames from the affected software. Se ha identificado una vulnerabilidad en SINEMA Remote Connect Server (Todas las versiones anteriores a V3.0 SP2). Un atacante no autenticado en la misma red del sistema afectado podría forzar los nombres de usuario del software afectado • https://cert-portal.siemens.com/productcert/pdf/ssa-334944.pdf • CWE-799: Improper Control of Interaction Frequency •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-37190
https://notcve.org/view.php?id=CVE-2021-37190
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The affected software has an information disclosure vulnerability that could allow an attacker to retrieve VPN connection for a known user. Se ha identificado una vulnerabilidad en SINEMA Remote Connect Server (Todas las versiones anteriores a V3.0 SP2). El software afectado presenta una vulnerabilidad de divulgación de información que podría permitir a un atacante recuperar la conexión VPN de un usuario conocido • https://cert-portal.siemens.com/productcert/pdf/ssa-334944.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-37183
https://notcve.org/view.php?id=CVE-2021-37183
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The affected software allows sending send-to-sleep notifications to the managed devices. An unauthenticated attacker in the same network of the affected system can abuse these notifications to cause a Denial-of-Service condition in the managed devices. Se ha identificado una vulnerabilidad en SINEMA Remote Connect Server (Todas las versiones anteriores a V3.0 SP2). El software afectado permite enviar notificaciones de envío a los dispositivos administrados. • https://cert-portal.siemens.com/productcert/pdf/ssa-334944.pdf • CWE-284: Improper Access Control •