25 matches found
HTTPS Information Disclosure Vulnerability
HTTPS Hypertext Transfer Protocol Secure is a network security transfer protocol that communicates over a computer network via the Hypertext Transfer Protocol HTTP, utilizing SSL/TLS to encrypt packets of data.HTTPS was developed with the primary purpose of providing authentication of web servers...
The vulnerability of the microprogrammed logic controller Siemens Simatic S7-1200 allows a malicious actor to intercept communication sessions.
The software of the Siemens SIMATIC S7-1200 programmable logic controller contains a vulnerability in the random number generator integrated into the authentication handler of the web server. During operation, it is possible to intercept a communication session by adjusting the session identifier...
The vulnerability of the SAP HANA database management system allows a hacker to execute arbitrary code.
The vulnerability of the Extended Application Services component of the SAP HANA database management system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code during the authentication process on the HTTP server...
CVE-2012-6440 Rockwell Automation ControlLogix PLC Improper Input Validation
The Web server password authentication mechanism used by the products is vulnerable to a MitM and Replay attack. Successful exploitation of this vulnerability will allow unauthorized access of the product’s Web server to view and alter product configuration and diagnostics information. Rockwell...
Koyo Ecom Modules Vulnerabilities
Overview This Advisory is a follow-up to the ICS-CERT Alert titled “ICS-ALERT-12-020-05A—Koyo Ecom100 Vulnerabilities” that was originally published January 20, 2012, on the ICS-CERT web page and updated on February 14, 2012. ICS-CERT is aware of a public report of vulnerabilities with...