3 matches found
CVE-2021-37201
A vulnerability has been identified in SINEC NMS All versions V1.0 SP1. The web interface of affected devices is vulnerable to a Cross-Site Request Forgery CSRF attack. This could allow an attacker to manipulate the SINEC NMS configuration by tricking an unsuspecting user with administrative...
CVE-2021-37201
CVE-2021-37201 describes a Cross-Site Request Forgery (CSRF) vulnerability in Siemens SINEC NMS web interface for all versions prior to 1.0 SP1. The issue could allow an attacker to manipulate SINEC NMS configurations by tricking an admin user into clicking a malicious link. Practical impact, as ...
Siemens SINEC NMS
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC NMS Vulnerabilities: Path Traversal, Cross-site Request Forgery 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to manipulate the...