Vulnerabilities > CVE-2023-48430 - Unspecified vulnerability in Siemens Sinec INS 1.0

047910
CVSS 2.7 - LOW
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
LOW
network
low complexity
siemens

Summary

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The REST API of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the API. The server will automatically restart.

Vulnerable Configurations

Part Description Count
Application
Siemens
5