128 matches found
CVE-2021-32002
Improper Access Control vulnerability in web service of Secomea SiteManager allows local attacker without credentials to gather network information and configuration of the SiteManager. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware...
Improper access control
Improper Access Control vulnerability in web service of Secomea SiteManager allows local attacker without credentials to gather network information and configuration of the SiteManager. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware...
Design/Logic Flaw
Unprotected Transport of Credentials vulnerability in SiteManager provisioning service allows local attacker to capture credentials if the service is used after provisioning. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware...
CVE-2021-32003 Configuration service port remains open 10 minutes after reboot even when already provisioned
Unprotected Transport of Credentials vulnerability in SiteManager provisioning service allows local attacker to capture credentials if the service is used after provisioning. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware...
CVE-2021-32003
CVE-2021-32003 affects Secomea SiteManager provisioning/configuration service on hardware; the unprotected transport of credentials allows a local attacker to capture credentials when the service is used after provisioning. Affected: SiteManager versions prior to 9.5. Mitigation per sources is to...
CVE-2021-32002 SiteManager troubleshooter allows access without authentication from local network
Improper Access Control vulnerability in web service of Secomea SiteManager allows local attacker without credentials to gather network information and configuration of the SiteManager. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware...
CVE-2021-32002
CVE-2021-32002 relates to an improper access control vulnerability in the Secomea SiteManager web service. Affected product: Secomea SiteManager (hardware) with versions prior to 9.5. Root cause: web service allows a local attacker without credentials to access and gather network information and ...
Secomea SiteManager 安全漏洞
Secomea SiteManager is a software application from the Danish company Secomea. It provides a remote maintenance function for industrial equipment. A security vulnerability exists in Secomea SiteManager versions prior to 9.5, which stems from an unprotected credentials transfer vulnerability in th...
Secomea SiteManager Input Validation Error Vulnerability
Secomea SiteManager is a software application from Secomea, Denmark. It provides a remote maintenance function for industrial equipment. An input validation error vulnerability exists in Secomea SiteManager versions prior to 9.4.620527004, which arises from a network system or product that does n...
CVE-2020-29020
Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. This issue affects: Secomea SiteManager All versions prior to 9.4.620527004 on Hardware...
CVE-2020-29020
Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. This issue affects: Secomea SiteManager All versions prior to 9.4.620527004 on Hardware...
Improper access control
Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. This issue affects: Secomea SiteManager All versions prior to 9.4.620527004 on Hardware...
CVE-2020-29020 Reject Remote Management via Cellular UPLINK2
Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. This issue affects: Secomea SiteManager All versions prior to 9.4.620527004 on Hardware...
CVE-2020-29020
The vulnerability CVE-2020-29020 affects Secomea SiteManager (hardware) with all versions prior to 9.4.620527004. The root cause is Improper Access Control in the web service, enabling a remote attacker to access the web UI from the internet using configured credentials. Impact is access to the w...
CVE-2020-29027
Cross-site Scripting XSS vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. This issue affects: Secomea SiteManager all versions prior to 9.3...
CVE-2020-29027
Cross-site Scripting XSS vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. This issue affects: Secomea SiteManager all versions prior to 9.3...
CVE-2020-29025
A vulnerability in SiteManager-Embedded SM-E Web server which may allow attacker to construct a URL that if visited by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application. Thi...
Design/Logic Flaw
A vulnerability in SiteManager-Embedded SM-E Web server which may allow attacker to construct a URL that if visited by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application. Thi...
Cross site scripting
Cross-site Scripting XSS vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. This issue affects: Secomea SiteManager all versions prior to 9.3...
CVE-2020-29027 Reflected Cross Site Scripting
Cross-site Scripting XSS vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. This issue affects: Secomea SiteManager all versions prior to 9.3...