7 results (0.005 seconds)

CVSS: 9.8EPSS: 94%CPEs: 97EXPL: 84

01 Apr 2022 — A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it. Una aplicación Spring MVC o Spring WebFlux que es ejecutada en JDK 9+ puede ser ... • https://packetstorm.news/files/id/167011 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

08 Mar 2022 — A vulnerability has been identified in SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). A privileged authenticated attacker could execute arbitrary commands in the local database by sending specially crafted requests to the webserver of the affected application. Se ha identificado una vulnerabilidad en SINEC NMS (Todas las versiones anteriores a la versión V1.0.3). Un atacante autentificado con privilegios podría ejecutar comandos arbitrarios en la base de datos local enviando peticiones... • https://cert-portal.siemens.com/productcert/pdf/ssa-250085.pdf • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

08 Mar 2022 — A vulnerability has been identified in SINEC NMS (All versions >= V1.0.3 < V2.0), SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). The affected software do not properly check privileges between users during the same web browser session, creating an unintended sphere of control. This could allow an authenticated low privileged user to achieve privilege escalation. Se ha identificado una vulnerabilidad en SINEC NMS (Todas las versiones anteriores a la versión V1.0.3), SINEC NMS (Todas las ... • https://cert-portal.siemens.com/productcert/pdf/ssa-250085.pdf • CWE-269: Improper Privilege Management •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

14 Sep 2021 — A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1). The web interface of affected devices is vulnerable to a Cross-Site Request Forgery (CSRF) attack. This could allow an attacker to manipulate the SINEC NMS configuration by tricking an unsuspecting user with administrative privileges to click on a malicious link. Se ha identificado una vulnerabilidad en SINEC NMS (Todas las versiones anteriores a V1.0 SP1). La interfaz web de los dispositivos afectados es vulnerable a un ataque de t... • https://cert-portal.siemens.com/productcert/pdf/ssa-330339.pdf • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 7.7EPSS: 2%CPEs: 2EXPL: 0

14 Sep 2021 — A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1). An attacker with access to the webserver of an affected system could download arbitrary files from the underlying filesystem by sending a specially crafted HTTP request. Se ha identificado una vulnerabilidad en SINEC NMS (Todas las versiones anteriores a V1.0 SP1). Un atacante con acceso al servidor web de un sistema afectado podría descargar archivos arbitrarios del sistema de archivos subyacente mediante el envío de una petición H... • https://cert-portal.siemens.com/productcert/pdf/ssa-330339.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.0EPSS: 5%CPEs: 3EXPL: 0

10 Aug 2021 — A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2). The affected application incorrectly neutralizes special elements when creating batch operations which could lead to command injection. An authenticated remote attacker with administrative privileges could exploit this vulnerability to execute arbitrary code on the system with system privileges. Se ha identificado una vulnerabilidad en SINEC NMS (Todas las versiones anteriores a V1.0 SP2). La aplicación afectada neutraliza incorrect... • https://cert-portal.siemens.com/productcert/pdf/ssa-756744.pdf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0

09 Feb 2021 — A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1 Update 1), SINEMA Server (All versions < V14.0 SP2 Update 2). When uploading files to an affected system using a zip container, the system does not correctly check if the relative file path of the extracted files is still within the intended target directory. With this an attacker could create or overwrite arbitrary files on an affected system. This type of vulnerability is also known as 'Zip-Slip'. (ZDI-CAN-12054) Se ha identificado ... • https://cert-portal.siemens.com/productcert/pdf/ssa-156833.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •