Vulnerabilities > Secomea
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-17 | CVE-2023-2912 | Use After Free vulnerability in Secomea Sitemanager Embedded 9.2C Use After Free vulnerability in Secomea SiteManager Embedded allows Obstruction. | 7.5 |
| 2023-04-19 | CVE-2022-4308 | Insufficiently Protected Credentials vulnerability in Secomea Gatemanager 9.6.621421014 Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows Authentication abuse on SiteManager, if the generated file is leaked. | 8.8 |
| 2023-04-19 | CVE-2023-0317 | Unspecified vulnerability in Secomea Gatemanager 9.6.621421014 Unprotected Alternate Channel vulnerability in debug console of GateManager allows system administrator to obtain sensitive information. | 4.9 |
| 2023-04-19 | CVE-2022-38125 | Unspecified vulnerability in Secomea products Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Secomea SiteManager (FTP Agent modules) allows Exploiting Trust in Client. | 5.5 |
| 2022-12-13 | CVE-2022-38124 | Improper Privilege Management vulnerability in Secomea products Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner. | 6.5 |
| 2022-12-09 | CVE-2022-2752 | Improper Authentication vulnerability in Secomea Gatemanager 9.6.621421014 A vulnerability in the web server of Secomea GateManager allows a local user to impersonate as the previous user under some failed login conditions. This issue affects: Secomea GateManager versions from 9.4 through 9.7. | 7.8 |
| 2022-12-06 | CVE-2022-38123 | Improper Input Validation vulnerability in Secomea Gatemanager 9.6.621421014 Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface. This issue affects: Secomea GateManager versions prior to 10.0. | 7.2 |
| 2022-05-04 | CVE-2022-25786 | Unspecified vulnerability in Secomea Gatemanager 9.6.621421014 Unprotected Alternate Channel vulnerability in debug console of GateManager allows system administrator to obtain sensitive information. | 4.9 |
| 2022-05-04 | CVE-2021-32010 | Inadequate Encryption Strength vulnerability in Secomea products Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in the middle attacks. | 8.1 |
| 2022-05-04 | CVE-2022-25778 | Cross-Site Request Forgery (CSRF) vulnerability in Secomea products Cross-Site Request Forgery (CSRF) vulnerability in Web UI of Secomea GateManager allows phishing attacker to issue get request in logged in user session. | 8.8 |