CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46894
https://notcve.org/view.php?id=CVE-2024-46894
12 Nov 2024 — A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate authorization of a user to query the "/api/sftp/users" endpoint. This could allow an authenticated remote attacker to gain knowledge about the list of configured users of the SFTP service and also modify that configuration. • https://cert-portal.siemens.com/productcert/html/ssa-915275.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-276: Incorrect Default Permissions •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46892
https://notcve.org/view.php?id=CVE-2024-46892
12 Nov 2024 — A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly invalidate sessions when the associated user is deleted or disabled or their permissions are modified. This could allow an authenticated attacker to continue performing malicious actions even after their user account has been disabled. • https://cert-portal.siemens.com/productcert/html/ssa-915275.html • CWE-613: Insufficient Session Expiration •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46891
https://notcve.org/view.php?id=CVE-2024-46891
12 Nov 2024 — A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly restrict the size of generated log files. This could allow an unauthenticated remote attacker to trigger a large amount of logged events to exhaust the system's resources and create a denial of service condition. • https://cert-portal.siemens.com/productcert/html/ssa-915275.html • CWE-125: Out-of-bounds Read CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46890
https://notcve.org/view.php?id=CVE-2024-46890
12 Nov 2024 — A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate input sent to specific endpoints of its web API. This could allow an authenticated remote attacker with high privileges on the application to execute arbitrary code on the underlying OS. • https://cert-portal.siemens.com/productcert/html/ssa-915275.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46889
https://notcve.org/view.php?id=CVE-2024-46889
12 Nov 2024 — A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application uses hard-coded cryptographic key material to obfuscate configuration files. This could allow an attacker to learn that cryptographic key material through reverse engineering of the application binary and decrypt arbitrary backup files. • https://cert-portal.siemens.com/productcert/html/ssa-915275.html • CWE-321: Use of Hard-coded Cryptographic Key •
CVSS: 9.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46888
https://notcve.org/view.php?id=CVE-2024-46888
12 Nov 2024 — A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly sanitize user provided paths for SFTP-based file up- and downloads. This could allow an authenticated remote attacker to manipulate arbitrary files on the filesystem and achieve arbitrary code execution on the device. • https://cert-portal.siemens.com/productcert/html/ssa-915275.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.6EPSS: 0%CPEs: 5EXPL: 0CVE-2023-48431
https://notcve.org/view.php?id=CVE-2023-48431
12 Dec 2023 — A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected software does not correctly validate the response received by an UMC server. An attacker can use this to crash the affected software by providing and configuring a malicious UMC server or by manipulating the traffic from a legitimate UMC server (i.e. leveraging CVE-2023-48427). Se ha identificado una vulnerabilidad en SINEC INS (Todas las versiones < V1.0 SP2 Update 2). El software afectado no valida correctamen... • https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-48430
https://notcve.org/view.php?id=CVE-2023-48430
12 Dec 2023 — A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The REST API of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the API. The server will automatically restart. Se ha identificado una vulnerabilidad en SINEC INS (Todas las versiones < V1.0 SP2 Update 2). • https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf • CWE-392: Missing Report of Error Condition •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-48429
https://notcve.org/view.php?id=CVE-2023-48429
12 Dec 2023 — A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The Web UI of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the server. The server will automatically restart. Se ha identificado una vulnerabilidad en SINEC INS (Todas las versiones < V1.0 SP2 Update 2). • https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf • CWE-394: Unexpected Status Code or Return Value CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 8.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-48428
https://notcve.org/view.php?id=CVE-2023-48428
12 Dec 2023 — A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The radius configuration mechanism of affected products does not correctly check uploaded certificates. A malicious admin could upload a crafted certificate resulting in a denial-of-service condition or potentially issue commands on system level. Se ha identificado una vulnerabilidad en SINEC INS (Todas las versiones < V1.0 SP2 Update 2). El mecanismo de configuración de radio de los productos afectados no verifica corre... • https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •