48 matches found
CVE-2022-22805
A CWE-120: Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartConnect Family: SMT Series SMT Series ID=1015: UPS 04.5 and prior, SMC Series SM...
CVE-2022-22806
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series SMT Series ID=1015: UPS 04.5 and prior, SMC Series SMC Series ID=1018: UPS 04.2...
CVE-2022-22805
A CWE-120: Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartConnect Family: SMT Series SMT Series ID=1015: UPS 04.5 and prior, SMC Series SM...
CVE-2022-22806
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series SMT Series ID=1015: UPS 04.5 and prior, SMC Series SMC Series ID=1018: UPS 04.2...
CVE-2022-22805
A CWE-120: Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartConnect Family: SMT Series SMT Series ID=1015: UPS 04.5 and prior, SMC Series SM...
CVE-2022-22806
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series SMT Series ID=1015: UPS 04.5 and prior, SMC Series SMC Series ID=1018: UPS 04.2...
Buffer overflow
A CWE-120: Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartConnect Family: SMT Series SMT Series ID=1015: UPS 04.5 and prior, SMC Series SM...
Authentication flaw
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series SMT Series ID=1015: UPS 04.5 and prior, SMC Series SMC Series ID=1018: UPS 04.2...
Authentication flaw
A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. Affected Product: APC Smart-UPS Family: SMT Series SMT Series ID=18: UPS 09.8 and prior / SMT Series...
CVE-2022-22806
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series SMT Series ID=1015: UPS 04.5 and prior, SMC Series SMC Series ID=1018: UPS 04.2...
CVE-2022-22806
CVE-2022-22806 describes an Authentication Bypass by Capture-replay affecting APC/Schneider Electric Smart-UPS lines. Affected products and versions (pre-fix): SMT Series <= 04.5, SMC Series <= 04.2, SMTL Series <= 02.9, SCL Series <= 02.5 (and SCL <= 03.1), SMX Series 04.5, SMC &...
CVE-2022-22805
CVE-2022-22805 is a TLS buffer overflow vulnerability in APC Schneider Electric Smart-UPS devices using SmartConnect TLS; impact is remote code execution via unauthenticated network packets during TLS reassembly. Affected lines include SmartConnect SMT, SMC, SMTL, SCL, SMX series (various IDs up ...
CVE-2022-22805
A CWE-120: Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartConnect Family: SMT Series SMT Series ID=1015: UPS 04.5 and prior, SMC Series SM...
PT-2022-1931 · Apc · Apc Smart-Ups Family +1
Name of the Vulnerable Software and Affected Versions: APC Smart-UPS Family: SMT Series versions 09.8 and prior APC Smart-UPS Family: SMT Series versions 01.2 and prior APC Smart-UPS Family: SMT Series versions 03.1 and prior APC Smart-UPS Family: SMC Series versions 14.1 and prior APC Smart-UPS...
CVE-2022-23161
Dell PowerScale OneFS versions 8.2.x - 9.3.0.x contain a denial-of-service vulnerability in SmartConnect. An unprivileged network attacker may potentially exploit this vulnerability, leading to denial-of-service...
Dell PowerScale OneFS Denial of Service Vulnerability (CNVD-2022-32836)
Dell PowerScale OneFS is the PowerScale OneFS operating system that provides horizontal scaling NAS. A security vulnerability exists in Dell PowerScale OneFS, which can be exploited by remote attackers to prevent SmartConnect DNS responses...
CVE-2021-21565
Dell PowerScale OneFS versions 9.1.0.3 and earlier contain a denial of service vulnerability. SmartConnect had an error condition that may be triggered to loop, using CPU and potentially preventing other SmartConnect DNS responses...
CVE-2021-21565
Dell PowerScale OneFS versions 9.1.0.3 and earlier contain a denial of service vulnerability. SmartConnect had an error condition that may be triggered to loop, using CPU and potentially preventing other SmartConnect DNS responses...
Design/Logic Flaw
Dell PowerScale OneFS versions 9.1.0.3 and earlier contain a denial of service vulnerability. SmartConnect had an error condition that may be triggered to loop, using CPU and potentially preventing other SmartConnect DNS responses...
CVE-2021-21565
Dell PowerScale OneFS versions 9.1.0.3 and earlier contain a denial of service vulnerability. SmartConnect had an error condition that may be triggered to loop, using CPU and potentially preventing other SmartConnect DNS responses...