Lucene search
+L

199 matches found

NVD
NVD
added 2022/05/04 2:15 p.m.19 views

CVE-2022-25782

Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and update privileged information. This issue affects: Secomea GateManager versions prior to 9.7...

5.5CVSS0.00466EPSS
Exploits0References1
OSV
OSV
added 2022/05/04 2:15 p.m.6 views

CVE-2022-25778

Cross-Site Request Forgery CSRF vulnerability in Web UI of Secomea GateManager allows phishing attacker to issue get request in logged in user session...

8.8CVSS7.3AI score0.00262EPSS
Exploits0References1
NVD
NVD
added 2022/05/04 2:15 p.m.28 views

CVE-2021-32010

Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in the middle attacks. This issue affects: Secomea SiteManager All versions prior to 9.7. Secomea LinkManager versions prior to 9.7. Secomea GateManager versions prior to...

8.1CVSS0.00216EPSS
Exploits0References1
Prion
Prion
added 2022/05/04 2:15 p.m.15 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Web UI of Secomea GateManager allows phishing attacker to issue get request in logged in user session...

6.8CVSS8.6AI score0.00262EPSS
Exploits0References1Affected Software4
Prion
Prion
added 2022/05/04 2:15 p.m.13 views

Input validation

Insufficient Logging vulnerability in web server of Secomea GateManager allows logged in user to issue improper queries without logging. This issue affects: Secomea GateManager versions prior to 9.7...

4CVSS4.6AI score0.00584EPSS
Exploits0References1Affected Software4
Prion
Prion
added 2022/05/04 2:15 p.m.17 views

Cross site scripting

Cross-site Scripting XSS vulnerability in Web UI of Secomea GateManager allows phishing attacker to inject javascript or html into logged in user session...

4.3CVSS6AI score0.00462EPSS
Exploits0References1Affected Software4
Prion
Prion
added 2022/05/04 2:15 p.m.16 views

Cross site request forgery (csrf)

Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allows system administrator to hijack connection. This issue affects: Secomea GateManager all versions prior to 9.7...

4.6CVSS6.4AI score0.00232EPSS
Exploits0References1Affected Software4
Prion
Prion
added 2022/05/04 2:15 p.m.16 views

Information disclosure

Information Exposure vulnerability in web UI of Secomea GateManager allows logged in user to query devices outside own scope...

4CVSS4.8AI score0.00584EPSS
Exploits0References1Affected Software4
Prion
Prion
added 2022/05/04 2:15 p.m.13 views

Input validation

Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and update privileged information. This issue affects: Secomea GateManager versions prior to 9.7...

5.5CVSS5.4AI score0.00466EPSS
Exploits0References1Affected Software4
Prion
Prion
added 2022/05/04 2:15 p.m.15 views

Code injection

Logging of Excessive Data vulnerability in audit log of Secomea GateManager allows logged in user to write text entries in audit log. This issue affects: Secomea GateManager versions prior to 9.7...

4CVSS4.7AI score0.00517EPSS
Exploits0References1Affected Software4
CVE
CVE
added 2022/05/04 1:58 p.m.738 views

CVE-2022-25787

The CVE concerns Secomea GateManager, specifically its LMM API: Information Exposure Through Query Strings in GET requests can leak information via the GATE LMM API, allowing a local attacker (or an admin) to hijack connections. Affected are all GateManager versions prior to 9.7. The root cause i...

7.5CVSS6.6AI score0.00232EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/05/04 1:58 p.m.24 views

CVE-2022-25787 GTA URLs issued by LMM WEB API may leak information

Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allows system administrator to hijack connection. This issue affects: Secomea GateManager all versions prior to 9.7...

7.5CVSS7.6AI score0.00232EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/04 1:55 p.m.30 views

CVE-2022-25783 Hacking attempts from logged-in users are not properly logged by GM

Insufficient Logging vulnerability in web server of Secomea GateManager allows logged in user to issue improper queries without logging. This issue affects: Secomea GateManager versions prior to 9.7...

4.3CVSS4.9AI score0.00584EPSS
Exploits0References1
CVE
CVE
added 2022/05/04 1:54 p.m.81 views

CVE-2022-25782

CVE-2022-25782 affects Secomea GateManager Web UI. The vulnerability stems from improper handling of permissions, allowing a logged-in user to access and update privileged information. Impact is described as exposure of privilege information and the ability to modify it for versions prior to 9.7....

5.5CVSS5.3AI score0.00466EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/05/04 1:54 p.m.23 views

CVE-2022-25782 Insufficient privilege checks on object access and updates.

Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and update privileged information. This issue affects: Secomea GateManager versions prior to 9.7...

5.4CVSS5.6AI score0.00466EPSS
Exploits0References1
CVE
CVE
added 2022/05/04 1:53 p.m.83 views

CVE-2022-25781

CVE-2022-25781 affects Secomea GateManager Web UI with a cross-site scripting (XSS) vulnerability that can allow an attacker to inject JavaScript/HTML into a logged-in user session, enabling phishing or session manipulation. The connected sources consistently describe XSS in the GateManager web i...

6.1CVSS5AI score0.00462EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/05/04 1:52 p.m.73 views

CVE-2022-25780

CVE-2022-25780 covers an information-disclosure vulnerability in the web UI of Secomea GateManager. The issue allows an authenticated user to query devices outside their own scope via the web interface. Public documentation across multiple sources states this vulnerability affects versions prior ...

4.3CVSS4.6AI score0.00584EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/05/04 1:52 p.m.21 views

CVE-2022-25780 Information leak via device availability query function

Information Exposure vulnerability in web UI of Secomea GateManager allows logged in user to query devices outside own scope...

4.3CVSS5AI score0.00584EPSS
Exploits0References1
CVE
CVE
added 2022/05/04 1:51 p.m.82 views

CVE-2022-25779

CVE-2022-25779 affects Secomea GateManager (versions prior to 9.7). The issue is described as a Logging of Excessive Data vulnerability in the audit log that allows a logged-in user to write text entries in the audit log, with a root cause related to insufficient scope checks that enable adding u...

4.3CVSS4.5AI score0.00517EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/05/04 1:51 p.m.24 views

CVE-2022-25779 Insufficient scope checks allows adding unrelated audit log entries

Logging of Excessive Data vulnerability in audit log of Secomea GateManager allows logged in user to write text entries in audit log. This issue affects: Secomea GateManager versions prior to 9.7...

4.3CVSS4.9AI score0.00517EPSS
Exploits0References1
Rows per page
Query Builder