Lucene search
+L

128 matches found

osv
osv
added 2021/08/05 9:15 p.m.4 views

CVE-2021-32002

Improper Access Control vulnerability in web service of Secomea SiteManager allows local attacker without credentials to gather network information and configuration of the SiteManager. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware...

3.3CVSS5.8AI score0.0023EPSS
Exploits0References1
prion
prion
added 2021/08/05 9:15 p.m.13 views

Improper access control

Improper Access Control vulnerability in web service of Secomea SiteManager allows local attacker without credentials to gather network information and configuration of the SiteManager. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware...

2.1CVSS4AI score0.0023EPSS
Exploits0References1Affected Software1
prion
prion
added 2021/08/05 9:15 p.m.20 views

Design/Logic Flaw

Unprotected Transport of Credentials vulnerability in SiteManager provisioning service allows local attacker to capture credentials if the service is used after provisioning. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware...

2.1CVSS5.4AI score0.00228EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2021/08/05 8:33 p.m.22 views

CVE-2021-32003 Configuration service port remains open 10 minutes after reboot even when already provisioned

Unprotected Transport of Credentials vulnerability in SiteManager provisioning service allows local attacker to capture credentials if the service is used after provisioning. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware...

8CVSS7.8AI score0.00228EPSS
Exploits0References1
cve
cve
added 2021/08/05 8:33 p.m.65 views

CVE-2021-32003

CVE-2021-32003 affects Secomea SiteManager provisioning/configuration service on hardware; the unprotected transport of credentials allows a local attacker to capture credentials when the service is used after provisioning. Affected: SiteManager versions prior to 9.5. Mitigation per sources is to...

8CVSS5.7AI score0.00228EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2021/08/05 8:33 p.m.17 views

CVE-2021-32002 SiteManager troubleshooter allows access without authentication from local network

Improper Access Control vulnerability in web service of Secomea SiteManager allows local attacker without credentials to gather network information and configuration of the SiteManager. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware...

4.3CVSS4.8AI score0.0023EPSS
Exploits0References1
cve
cve
added 2021/08/05 8:33 p.m.60 views

CVE-2021-32002

CVE-2021-32002 relates to an improper access control vulnerability in the Secomea SiteManager web service. Affected product: Secomea SiteManager (hardware) with versions prior to 9.5. Root cause: web service allows a local attacker without credentials to access and gather network information and ...

4.3CVSS3.8AI score0.0023EPSS
Exploits0References1Affected Software1
cnnvd
cnnvd
added 2021/08/05 12:0 a.m.6 views

Secomea SiteManager 安全漏洞

Secomea SiteManager is a software application from the Danish company Secomea. It provides a remote maintenance function for industrial equipment. A security vulnerability exists in Secomea SiteManager versions prior to 9.5, which stems from an unprotected credentials transfer vulnerability in th...

8CVSS5.9AI score0.00228EPSS
Exploits0References2
cnvd
cnvd
added 2021/03/09 12:0 a.m.8 views

Secomea SiteManager Input Validation Error Vulnerability

Secomea SiteManager is a software application from Secomea, Denmark. It provides a remote maintenance function for industrial equipment. An input validation error vulnerability exists in Secomea SiteManager versions prior to 9.4.620527004, which arises from a network system or product that does n...

9.1CVSS7.1AI score0.01742EPSS
Exploits0References1
nvd
nvd
added 2021/03/05 9:15 p.m.15 views

CVE-2020-29020

Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. This issue affects: Secomea SiteManager All versions prior to 9.4.620527004 on Hardware...

9.1CVSS0.01742EPSS
Exploits0References1
osv
osv
added 2021/03/05 9:15 p.m.7 views

CVE-2020-29020

Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. This issue affects: Secomea SiteManager All versions prior to 9.4.620527004 on Hardware...

7.2CVSS7.1AI score0.01742EPSS
Exploits0References1
prion
prion
added 2021/03/05 9:15 p.m.20 views

Improper access control

Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. This issue affects: Secomea SiteManager All versions prior to 9.4.620527004 on Hardware...

6.5CVSS6.9AI score0.01742EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2021/03/05 7:12 p.m.14 views

CVE-2020-29020 Reject Remote Management via Cellular UPLINK2

Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. This issue affects: Secomea SiteManager All versions prior to 9.4.620527004 on Hardware...

9.1CVSS9.2AI score0.01742EPSS
Exploits0References1
cve
cve
added 2021/03/05 7:12 p.m.72 views

CVE-2020-29020

The vulnerability CVE-2020-29020 affects Secomea SiteManager (hardware) with all versions prior to 9.4.620527004. The root cause is Improper Access Control in the web service, enabling a remote attacker to access the web UI from the internet using configured credentials. Impact is access to the w...

9.1CVSS7.2AI score0.01742EPSS
Exploits0References1Affected Software1
nvd
nvd
added 2021/02/16 4:15 p.m.13 views

CVE-2020-29027

Cross-site Scripting XSS vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. This issue affects: Secomea SiteManager all versions prior to 9.3...

5.4CVSS0.00472EPSS
Exploits0References1
osv
osv
added 2021/02/16 4:15 p.m.5 views

CVE-2020-29027

Cross-site Scripting XSS vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. This issue affects: Secomea SiteManager all versions prior to 9.3...

5.4CVSS6.1AI score0.00472EPSS
Exploits0References1
nvd
nvd
added 2021/02/16 4:15 p.m.18 views

CVE-2020-29025

A vulnerability in SiteManager-Embedded SM-E Web server which may allow attacker to construct a URL that if visited by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application. Thi...

6.1CVSS0.00588EPSS
Exploits0References1
prion
prion
added 2021/02/16 4:15 p.m.17 views

Design/Logic Flaw

A vulnerability in SiteManager-Embedded SM-E Web server which may allow attacker to construct a URL that if visited by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application. Thi...

4.3CVSS6.3AI score0.00588EPSS
Exploits0References1Affected Software1
prion
prion
added 2021/02/16 4:15 p.m.14 views

Cross site scripting

Cross-site Scripting XSS vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. This issue affects: Secomea SiteManager all versions prior to 9.3...

3.5CVSS5.1AI score0.00472EPSS
Exploits0References1Affected Software9
cvelist
cvelist
added 2021/02/16 3:48 p.m.17 views

CVE-2020-29027 Reflected Cross Site Scripting

Cross-site Scripting XSS vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. This issue affects: Secomea SiteManager all versions prior to 9.3...

5.4CVSS5.2AI score0.00472EPSS
Exploits0References1
Rows per page
Query Builder