287 matches found
CVE-2019-13918
A vulnerability has been identified in SINEMA Remote Connect Server All versions V2.0 SP1. The web interface has no means to prevent password guessing attacks. The vulnerability could be exploited by an attacker with network access to the vulnerable software, requiring no privileges and no user...
CVE-2022-32251
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.1. There is a missing authentication verification for a resource used to change the roles and permissions of a user. This could allow an attacker to change the permissions of any user and gain the privileges of an...
CVE-2022-32257
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2. The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to unauthorized access to resources and potentially lead to code execution...
CVE-2024-39865
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application allows users to upload encrypted backup files. As part of this backup, files can be restored without correctly checking the path of the restored file. This could allow an attacker...
CVE-2024-39874
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application does not properly implement brute force protection against user credentials in its Client Communication component. This could allow an attacker to learn user credentials that are...
CVE-2024-39866
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application allows users to upload encrypted backup files. This could allow an attacker with access to the backup encryption key and with the right to upload backup files to create a user with...
CVE-2024-39570
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 HF1. Affected applications are vulnerable to command injection due to missing server side input sanitation when loading VxLAN configurations. This could allow an authenticated attacker to execute arbitrary code...
Siemens SINEMA Remote Connect Server Session Fixation Vulnerability
Siemens SINEMA Remote Connect Server is a remote network management platform from Siemens, Germany. The platform is used to remotely access, maintain, control and diagnose the underlying network. A session fixation vulnerability exists in Siemens SINEMA Remote Connect Server due to a failure of t...
CVE-2024-42345
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP2. The affected application does not properly handle user session establishment and invalidation. This could allow a remote attacker to circumvent the additional multi factor authentication for user session...
CVE-2024-42345
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP2. The affected application does not properly handle user session establishment and invalidation. This could allow a remote attacker to circumvent the additional multi factor authentication for user session...
CVE-2024-42345
CVE-2024-42345 affects SINEMA Remote Connect Server prior to v3.2 SP2. The vulnerability is a session-fixation flaw where improper handling of user session establishment/invalidation could allow a remote attacker to bypass the additional multi-factor authentication for user session establishment....
PT-2024-29882 · Siemens · Sinema Remote Connect Server
Name of the Vulnerable Software and Affected Versions: SINEMA Remote Connect Server versions prior to V3.2 SP2 Description: A vulnerability has been identified in the SINEMA Remote Connect Server where the application does not properly handle user session establishment and invalidation. This coul...
Siemens SINEMA Remote Connect Server 授权问题漏洞
Siemens SINEMA Remote Connect Server is a remote network management platform from Siemens, Germany. The platform is used to remotely access, maintain, control and diagnose the underlying network. A session fixation vulnerability exists in Siemens SINEMA Remote Connect Server due to a failure of t...
Siemens Industrial Products
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens SINEMA Remote Connect Server Command Injection Vulnerability (CNVD-2024-32688)
Siemens SINEMA Remote Connect Server is a remote network management platform from Siemens, Germany. The platform is used to remotely access, maintain, control and diagnose the underlying network. Siemens SINEMA Remote Connect Server suffers from a command injection vulnerability that can be...
Unspecified Vulnerability in Siemens SINEMA Remote Connect Server (CNVD-2024-31245)
Siemens SINEMA Remote Connect Server is a remote network management platform from Siemens, Germany. The platform is used to remotely access, maintain, control and diagnose the underlying network. A security vulnerability exists in Siemens SINEMA Remote Connect Server, which can be exploited by an...
Siemens SINEMA Remote Connect Server Forced Browsing Vulnerability (CNVD-2024-31230)
Siemens SINEMA Remote Connect Server is a remote network management platform from Siemens, Germany. The platform is used to remotely access, maintain, control and diagnose the underlying network. Siemens SINEMA Remote Connect Server suffers from a forced browsing vulnerability due to the failure ...
Siemens SINEMA Remote Connect Server Incorrect Authorization Vulnerability
Siemens SINEMA Remote Connect Server is a remote network management platform from Siemens, Germany. The platform is used to remotely access, maintain, control and diagnose the underlying network. An incorrect authorization vulnerability exists in Siemens SINEMA Remote Connect Server, which can be...
Siemens SINEMA Remote Connect Server Forced Browsing Vulnerability
Siemens SINEMA Remote Connect Server is a remote network management platform from Siemens, Germany. The platform is used to remotely access, maintain, control and diagnose the underlying network. Siemens SINEMA Remote Connect Server suffers from a forced browsing vulnerability, which is caused du...
Unspecified Vulnerability in Siemens SINEMA Remote Connect Server (CNVD-2024-31247)
Siemens SINEMA Remote Connect Server is a remote network management platform from Siemens, Germany. The platform is used to remotely access, maintain, control and diagnose the underlying network. A security vulnerability exists in Siemens SINEMA Remote Connect Server due to an affected applicatio...