Vulnerabilities > Siemens > 6Ag1206 2Bs00 7Ac2 Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-14 | CVE-2023-44318 | Use of Hard-coded Cryptographic Key vulnerability in Siemens products Affected devices use a hardcoded key to obfuscate the configuration backup that an administrator can export from the device. | 4.9 |
2023-11-14 | CVE-2023-44319 | Reversible One-Way Hash vulnerability in Siemens products Affected devices use a weak checksum algorithm to protect the configuration backup that an administrator can export from the device. | 4.9 |
2023-11-14 | CVE-2023-44320 | Forced Browsing vulnerability in Siemens products Affected devices do not properly validate the authentication when performing certain modifications in the web interface allowing an authenticated attacker to influence the user interface configured by an administrator. | 4.3 |
2023-11-14 | CVE-2023-44321 | Resource Exhaustion vulnerability in Siemens products Affected devices do not properly validate the length of inputs when performing certain configuration changes in the web interface allowing an authenticated attacker to cause a denial of service condition. | 6.5 |
2023-11-14 | CVE-2023-44322 | Unchecked Return Value vulnerability in Siemens products Affected devices can be configured to send emails when certain events occur on the device. | 5.9 |
2023-11-14 | CVE-2023-44373 | Injection vulnerability in Siemens products Affected devices do not properly sanitize an input field. | 9.1 |
2023-11-14 | CVE-2023-44374 | Unsynchronized Access to Shared Data in a Multithreaded Context vulnerability in Siemens products Affected devices allow to change the password, but insufficiently check which password is to be changed. | 8.8 |
2022-10-11 | CVE-2022-31765 | Missing Authorization vulnerability in Siemens products Affected devices do not properly authorize the change password function of the web interface. | 8.8 |