Lucene search

K
SiemensClimatix Pol909 Firmware

6 matches found

CVE
CVE
added 2022/03/08 12:15 p.m.98 views

CVE-2021-41541

A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44), Climatix POL909 (AWM module) (All versions < V11.36). The Group Management page of affected devices is vulnerable to cross-site scripting (XSS). The vulnerability allows an attacker to send malicious ...

6.1CVSS5.9AI score0.00526EPSS
CVE
CVE
added 2022/03/08 12:15 p.m.83 views

CVE-2021-41542

A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44), Climatix POL909 (AWM module) (All versions < V11.36). The User Management page of affected devices is vulnerable to cross-site scripting (XSS). The vulnerability allows an attacker to send malicious J...

6.1CVSS5.9AI score0.00526EPSS
CVE
CVE
added 2022/03/08 12:15 p.m.76 views

CVE-2021-41543

A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44), Climatix POL909 (AWM module) (All versions < V11.36). The handling of log files in the web application of affected devices contains an information disclosure vulnerability which could allow logged in ...

6.5CVSS6.1AI score0.00215EPSS
CVE
CVE
added 2020/04/14 8:15 p.m.56 views

CVE-2020-7574

A vulnerability has been identified in Climatix POL908 (BACnet/IP module) (All versions), Climatix POL909 (AWM module) (All versions < V11.32). A persistent cross-site scripting (XSS) vulnerability exists in the "Server Config" web interface of the affected devices that could allow an attacker t...

6.1CVSS5.9AI score0.00371EPSS
CVE
CVE
added 2020/04/14 8:15 p.m.48 views

CVE-2020-7575

A vulnerability has been identified in Climatix POL908 (BACnet/IP module) (All versions), Climatix POL909 (AWM module) (All versions < V11.32). A persistent cross-site scripting (XSS) vulnerability exists in the web server access log page of the affected devices that could allow an attacker to i...

6.1CVSS5.9AI score0.00371EPSS
CVE
CVE
added 2021/11/09 12:15 p.m.48 views

CVE-2021-40366

A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.42), Climatix POL909 (AWM module) (All versions < V11.34). The web server of affected devices transmits data without TLS encryption. This could allow an unauthenticated remote attacker in a man-in-the-midd...

7.4CVSS7.2AI score0.00073EPSS