Vulnerabilities > CVE-2020-15792 - Unspecified vulnerability in Siemens Desigo Insight 4.0/5.0/6.0

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
siemens

Summary

A vulnerability has been identified in Desigo Insight (All versions). The web service does not properly apply input validation for some query parameters in a reserved area. This could allow an authenticated attacker to retrieve data via a content-based blind SQL injection attack.

Vulnerable Configurations

Part Description Count
Application
Siemens
6