5 matches found
Siemens SCALANCE and RUGGEDCOM Products Missing Authorization (CVE-2022-31765)
Affected devices do not properly authorize the change password function of the web interface. This could allow low privileged users to escalate their privileges. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...
CVE-2022-31765
creationtimestamp| type| source ---|---|--- 2022-10-11 14:26:06+00:00| seen| https://t.me/cibsecurity/51113 2026-04-14 03:04:52+00:00| seen| https://www.acn.gov.it/portale/w/aggiornamenti-per-prodotti-siemens-20 2026-04-14 13:10:23+00:00| seen|...
CVE-2022-31765
Affected devices do not properly authorize the change password function of the web interface. This could allow low privileged users to escalate their privileges...
CVE-2022-31765
Siemens SCALANCE and RUGGEDCOM devices are affected by CVE-2022-31765 due to missing authorization in the web interface change-password function. Affected products (multiple SCALANCE and RUGGEDCOM models) before the fixed version (V7.1.2) allow low-privileged users to escalate privileges, with CV...
libsixel resource management error vulnerability (CNVD-2022-31765)
libsixel is a package that provides encoding/decoding implementations for DEC SIXEL graphics and other converter programs. A resource management error vulnerability exists in libsixel version 1.10.0, which stems from the presence of post-release reuse in libsixel/src/dither.c:379. An attacker cou...