3 matches found
CVE-2022-43398
A vulnerability has been identified in POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50. Affected devices do not renew the session cookie after login/logout and also accept us...
Siemens SICAM Q100 Session Fixation (CVE-2022-43398)
A vulnerability has been identified in POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50. Affected devices do not renew the session cookie after login/logout and also accept us...
CVE-2022-43398
Siemens POWER METER SICAM Q100 devices (prior to V2.50) are affected by CVE-2022-43398: a session-fixation vulnerability where the web interface does not renew session cookies after login/logout and accepts user-defined cookies, allowing an attacker to hijack an active user session. Affected prod...