Lucene search
K

31 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:57 p.m.8 views

CVE-2022-24045

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The application, after a successful login, sets the session cookie on the browser...

6.5CVSS6.5AI score0.00537EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:57 p.m.6 views

CVE-2022-24044

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application does not employ any countermeasures...

7.5CVSS6.6AI score0.00826EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:47 p.m.7 views

CVE-2021-41545

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. When the controller receives a specific BACnet protocol packet, an exception cause...

7.5CVSS6.6AI score0.0085EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.27 views

Siemens Desigo PXC and DXR Devices Uncontrolled Resource Consumption (CVE-2022-24040)

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application fails to enforce an upper bound to the cost factor of the PBKD...

6.5CVSS6.4AI score0.00781EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/06/29 12:0 a.m.6 views

The vulnerability of the microprogramming software for the Desigo DXR2, PXC3, PXC4, and PXC5 station modules lies in the exposure to information leakage due to inconsistencies in the system. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the microprogramming software for the Desigo DXR2, PXC3, PXC4, and PXC5 station modules is related to the exposure of information through incompatibility issues. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected...

5.3CVSS5.9AI score0.0099EPSS
Exploits0References3Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/05/31 12:0 a.m.6 views

The vulnerability of the microprogramming software for the Desigo DXR2, PXC3, PXC4, and PXC5 unit stations involves the absence of the “Secure”, “HttpOnly”, or “SameSite” flags in the session cookie files. This allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the microprogramming software for the Desigo DXR2, PXC3, PXC4, and PXC5 station modules is related to the absence of the “Secure”, “HttpOnly”, or “SameSite” flags in the session cookies files. Exploiting this vulnerability can allow an attacker to gain unauthorized access to...

7.8CVSS6.5AI score0.00537EPSS
Exploits0References3Affected Software4
ATTACKERKB
ATTACKERKB
added 2022/05/20 1:15 p.m.3 views

CVE-2022-24045

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The application, after a successful login, sets the session cookie on the browser...

6.5CVSS5.5AI score0.00537EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/05/20 1:15 p.m.3 views

CVE-2022-24043

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application fails to normalize the response times o...

5.3CVSS5.5AI score0.0099EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/05/20 1:15 p.m.2 views

CVE-2022-24044

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application does not employ any countermeasures...

7.5CVSS5.5AI score0.00826EPSS
Exploits0References2
OSV
OSV
added 2022/05/20 1:15 p.m.5 views

CVE-2022-24045

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The application, after a successful login, sets the session cookie on the browser...

6.5CVSS5.7AI score0.00537EPSS
Exploits0References1
NVD
NVD
added 2022/05/20 1:15 p.m.21 views

CVE-2022-24045

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The application, after a successful login, sets the session cookie on the browser...

6.5CVSS0.00537EPSS
Exploits0References1
NVD
NVD
added 2022/05/20 1:15 p.m.22 views

CVE-2022-24043

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application fails to normalize the response times o...

5.3CVSS0.0099EPSS
Exploits0References1
Prion
Prion
added 2022/05/20 1:15 p.m.14 views

Design/Logic Flaw

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application fails to normalize the response times o...

5CVSS5.9AI score0.0099EPSS
Exploits0References1Affected Software4
OSV
OSV
added 2022/05/10 11:15 a.m.4 views

CVE-2022-24040

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application fails to enforce an upper bound to the cost factor of the PBKD...

6.5CVSS6.5AI score0.00781EPSS
Exploits0References1
NVD
NVD
added 2022/05/10 11:15 a.m.16 views

CVE-2022-24041

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application stores the PBKDF2 derived key of users passwords with a low...

6.5CVSS0.0044EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/05/10 11:15 a.m.1 views

CVE-2022-24041

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application stores the PBKDF2 derived key of users passwords with a low...

6.5CVSS5.4AI score0.0044EPSS
Exploits0References2
OSV
OSV
added 2022/05/10 11:15 a.m.3 views

CVE-2022-24041

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application stores the PBKDF2 derived key of users passwords with a low...

6.5CVSS5.7AI score0.0044EPSS
Exploits0References1
OSV
OSV
added 2022/05/10 11:15 a.m.5 views

CVE-2022-24042

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application returns an AuthToken that does not expire at the defined auto...

9.1CVSS7.2AI score0.00899EPSS
Exploits0References1
NVD
NVD
added 2022/05/10 11:15 a.m.18 views

CVE-2021-41545

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. When the controller receives a specific BACnet protocol packet, an exception cause...

7.5CVSS0.0085EPSS
Exploits0References1
Prion
Prion
added 2022/05/10 11:15 a.m.20 views

Default credentials

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application stores the PBKDF2 derived key of users passwords with a low...

4CVSS7AI score0.0044EPSS
Exploits0References1Affected Software4
Rows per page
Query Builder