287 matches found
CVE-2024-39876
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. Affected applications do not properly handle log rotation. This could allow an unauthenticated remote attacker to cause a denial of service condition through resource exhaustion on the device...
CVE-2024-39876
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. Affected applications do not properly handle log rotation. This could allow an unauthenticated remote attacker to cause a denial of service condition through resource exhaustion on the device...
CVE-2024-39876
CVE-2024-39876 affects Siemens SINEMA Remote Connect Server: all versions before 3.2 SP1 fail to properly handle log rotation, enabling a DoS via resource exhaustion. Public documents consistently cite the vulnerability as impacting the server and describe the root cause as log-rotation handling ...
CVE-2024-39875
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application allows authenticated, low privilege users with the 'Manage own remote connections' permission to retrieve details about other users and group memberships...
CVE-2024-39875
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application allows authenticated, low privilege users with the 'Manage own remote connections' permission to retrieve details about other users and group memberships...
CVE-2024-39875
Siemens SINEMA Remote Connect Server (all versions
CVE-2024-39874
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application does not properly implement brute force protection against user credentials in its Client Communication component. This could allow an attacker to learn user credentials that are...
CVE-2024-39873
Summary: CVE-2024-39873 affects Siemens SINEMA Remote Connect Server (all versions before V3.2 SP1). The security issue is a failure to properly implement brute-force protection on the web API authentication, which could allow an attacker to learn user credentials vulnerable to brute force attack...
CVE-2024-39873
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application does not properly implement brute force protection against user credentials in its web API. This could allow an attacker to learn user credentials that are vulnerable to brute force...
CVE-2024-39872
Siemens SINEMA Remote Connect Server (all versions
CVE-2024-39872
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application does not properly assign rights to temporary files created during its update process. This could allow an authenticated attacker with the 'Manage firmware updates' role to escalate...
CVE-2024-39871
Issue summary: CVE-2024-39871 affects Siemens SINEMA Remote Connect Server (all versions
CVE-2024-39871
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. Affected applications do not properly separate the rights to edit device settings and to edit settings for communication relations. This could allow an authenticated attacker with the permission to manage...
CVE-2024-39871
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. Affected applications do not properly separate the rights to edit device settings and to edit settings for communication relations. This could allow an authenticated attacker with the permission to manage...
CVE-2024-39870
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected applications can be configured to allow users to manage own users. A local authenticated user with this privilege could use this modify users outside of their own scope as well as to escalate...
CVE-2024-39870
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected applications can be configured to allow users to manage own users. A local authenticated user with this privilege could use this modify users outside of their own scope as well as to escalate...
CVE-2024-39870
CVE-2024-39870 concerns Siemens SINEMA Remote Connect Server (All versions
CVE-2024-39869
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. Affected products allow to upload certificates. An authenticated attacker could upload a crafted certificates leading to a permanent denial-of-service situation. In order to recover from such an attack, the...
CVE-2024-39869
Siemens SINEMA Remote Connect Server is affected: all versions prior to V3.2 SP1 allow uploading certificates, and an authenticated attacker can upload crafted certificates that cause a permanent Denial-of-Service. The vulnerability stems from improper handling during certificate upload (unusual/...
CVE-2024-39868
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. Affected devices do not properly validate the authentication when performing certain actions in the web interface allowing an unauthenticated attacker to access and edit VxLAN configuration information of...