Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2022-91618
HistoryOct 13, 2022 - 12:00 a.m.

Multiple Siemens Products Access Control Error Vulnerabilities

2022-10-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
siemens
sicam
access control
vulnerability
session cookie
login/logout

0.001 Low

EPSS

Percentile

24.0%

JSON

Siemens SICAM is an integrated substation automation system from Siemens (Germany). An access control error vulnerability exists in several Siemens products. The vulnerability stems from the fact that the affected device accepts a user-defined session cookie and does not update the session cookie after login/logout, which could be exploited to take over another user’s session after login.

Related

cve 1
prion 1
cvelist 1
nessus 1
nvd 1
ics 1
cve
cve
CVE-2022-40226
2022-10-11 11:15:10
prion
prion
Design/Logic Flaw
2022-10-11 11:15:00
cvelist
cvelist
CVE-2022-40226
2022-10-11 00:00:00
nessus
nessus
Siemens SICAM P850 and P855 Devices Session Fixation (CVE-2022-40226)
2023-05-09 00:00:00
nvd
nvd
CVE-2022-40226
2022-10-11 11:15:10
ics
ics
Siemens SICAM P850 and P855 Devices (Update A)
2022-12-15 12:00:00

0.001 Low

EPSS

Percentile

24.0%

JSON
Related for CNVD-2022-91618
cve1prion1cvelist1nessus1nvd1ics1