CVE-2020-10041

🗓️ 14 Jul 2020 13:18:05Reported by siemensType

A stored Cross-Site-Scripting (XSS) vulnerability in SICAM MMU, SGU, SICAM

Reporter	Title	Published	Views	Family All 8
CNVD	Siemens SICAM MMU, SGU and T Cross-Site Scripting Vulnerabilities	15 Jul 202000:00	–	cnvd
Cvelist	CVE-2020-10041	14 Jul 202013:18	–	cvelist
EUVD	EUVD-2020-2506	7 Oct 202500:30	–	euvd
ICS	Siemens SICAM MMU, SICAM T, and SICAM SGU	14 Jul 202000:00	–	ics
NVD	CVE-2020-10041	14 Jul 202014:15	–	nvd
Prion	Cross site scripting	14 Jul 202014:15	–	prion
RedhatCVE	CVE-2020-10041	9 Jan 202609:51	–	redhatcve
Tenable Nessus	Siemens SICAM MMU, SICAM T, and SICAM SGU Improper Neutralization of Input During Web Page Generation (CVE-2020-10041)	7 Feb 202200:00	–	nessus

NVD

Node

siemens sicam_mmu_firmwareRange<2.05

AND

siemens sicam_mmuMatch-

Node

siemens sicam_sgu_firmwareMatch-

AND

siemens sicam_sguMatch-

Node

siemens sicam_t_firmwareRange<2.18

AND

siemens sicam_tMatch-

[
  {
    "product": "SICAM MMU",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V2.05"
      }
    ]
  },
  {
    "product": "SICAM SGU",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SICAM T",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V2.18"
      }
    ]
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-305120.pdf

21 Nov 2024 04:54Current

5.8Medium risk

Vulners AI Score5.8

CVSS 24.3

CVSS 3.16.1

EPSS0.00317

CWE-79