Lucene search
+L

4 matches found

ICS
ICS
added 2023/10/10 12:0 a.m.63 views

Siemens RUGGEDCOM APE180

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

8.8CVSS7.6AI score0.00508EPSS
Exploits0References12
Vulnrichment
Vulnrichment
added 2023/08/09 8:46 a.m.14 views

CVE-2023-22843 Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2

An authenticated attacker with administrative access to the web management interface can inject malicious JavaScript code inside the definition of a Threat Intelligence rule, that will be stored and can later be executed by another legitimate user viewing the details of such a rule. Via stored...

7.3CVSS5.9AI score0.00284EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/09 8:46 a.m.24 views

CVE-2023-22843 Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2

An authenticated attacker with administrative access to the web management interface can inject malicious JavaScript code inside the definition of a Threat Intelligence rule, that will be stored and can later be executed by another legitimate user viewing the details of such a rule. Via stored...

7.3CVSS6.6AI score0.00284EPSS
Exploits0References1
CVE
CVE
added 2023/08/09 8:46 a.m.56 views

CVE-2023-22843

CVE-2023-22843 is a stored XSS vulnerability in Nozomi Guardian/CMC where an authenticated administrator can inject JavaScript into Threat Intelligence rule definitions (yara content; limited HTML for packet/STYX), which then executes in other users’ sessions. Impact includes unauthorized actions...

7.3CVSS5.9AI score0.00284EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder