Automation License Manager@* Security Vulnerabilities and Issues — Automation License Manager@* CVE List

Lucene search

SiemensAutomation License Manager*

11 matches found

CVE•added 2016/10/13 10:59 a.m.•83 views

CVE-2016-8563

Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to cause a denial of service (ALM service outage) via crafted packets to TCP port 4410.

7.5CVSS7.3AI score0.01355EPSS

CVE•added 2018/08/07 3:29 p.m.•59 views

CVE-2018-11456

A vulnerability has been identified in Automation License Manager 5 (All versions

5.8CVSS6AI score0.00178EPSS

CVE•added 2018/08/07 3:29 p.m.•54 views

CVE-2018-11455

A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4), Automation License Manager 6 (All versions

8.8CVSS8.5AI score0.02657EPSS

CVE•added 2012/01/08 8:55 p.m.•49 views

CVE-2011-4530

Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 does not properly copy fields obtained from clients, which allows remote attackers to cause a denial of service (exception and daemon crash) via long fields, as demonstrated by fields to the (1) open_session->workstation->NAME ...

5CVSS6.9AI score0.19728EPSS

CVE•added 2021/08/10 11:15 a.m.•43 views

CVE-2021-25659

A vulnerability has been identified in Automation License Manager 5 (All versions), Automation License Manager 6 (All versions

7.5CVSS7.3AI score0.00444EPSS

CVE•added 2012/01/08 8:55 p.m.•42 views

CVE-2011-4532

Absolute path traversal vulnerability in the ALMListView.ALMListCtrl ActiveX control in almaxcx.dll in the graphical user interface in Siemens Automation License Manager (ALM) 2.0 through 5.1+SP1+Upd2 allows remote attackers to overwrite arbitrary files via the Save method.

5CVSS7AI score0.08074EPSS

CVE•added 2012/01/08 8:55 p.m.•40 views

CVE-2011-4531

Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted content in a (1) get_target_ocx_param or (2) send_target_ocx_param command.

5CVSS6.8AI score0.22825EPSS

CVE•added 2016/10/13 10:59 a.m.•39 views

CVE-2016-8564

SQL injection vulnerability in Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to execute arbitrary SQL commands via crafted traffic to TCP port 4410.

6.5CVSS6.6AI score0.0023EPSS

CVE•added 2020/08/14 4:15 p.m.•36 views

CVE-2020-7583

A vulnerability has been identified in Automation License Manager 5 (All versions), Automation License Manager 6 (All versions

7.8CVSS7.4AI score0.00037EPSS

CVE•added 2012/01/08 8:55 p.m.•35 views

CVE-2011-4529

Multiple buffer overflows in Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allow remote attackers to execute arbitrary code via a long serialid field in an _licensekey command, as demonstrated by the (1) check_licensekey or (2) read_licensekey command.

7.5CVSS8AI score0.22454EPSS

CVE•added 2016/10/13 10:59 a.m.•28 views

CVE-2016-8565

Siemens Automation License Manager (ALM) before 5.3 SP3 allows remote attackers to write to files, rename files, create directories, or delete directories via crafted packets.

9.1CVSS9AI score0.01315EPSS