Vulnerabilities > Siemens > Automation License Manager
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-10 | CVE-2022-43513 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Siemens Automation License Manager A vulnerability has been identified in Automation License Manager V5 (All versions), Automation License Manager V6 (All versions < V6.0 SP9 Upd4), TeleControl Server Basic V3 (All versions < V3.1.2). | 7.5 |
| 2023-01-10 | CVE-2022-43514 | Path Traversal vulnerability in Siemens Automation License Manager A vulnerability has been identified in Automation License Manager V5 (All versions), Automation License Manager V6 (All versions < V6.0 SP9 Upd4), TeleControl Server Basic V3 (All versions < V3.1.2). | 9.8 |
| 2021-08-10 | CVE-2021-25659 | Resource Exhaustion vulnerability in Siemens Automation License Manager A vulnerability has been identified in Automation License Manager 5 (All versions), Automation License Manager 6 (All versions < V6.0 SP9 Update 2). | 5.0 |
| 2020-08-14 | CVE-2020-7583 | Incorrect Authorization vulnerability in Siemens Automation License Manager A vulnerability has been identified in Automation License Manager 5 (All versions), Automation License Manager 6 (All versions < V6.0.8). | 4.6 |
| 2018-08-07 | CVE-2018-11456 | Unspecified vulnerability in Siemens Automation License Manager A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4). | 5.0 |
| 2018-08-07 | CVE-2018-11455 | Path Traversal vulnerability in Siemens Automation License Manager A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4), Automation License Manager 6 (All versions < 6.0.1). | 6.8 |
| 2016-10-13 | CVE-2016-8565 | Improper Access Control vulnerability in Siemens Automation License Manager 5.3 Siemens Automation License Manager (ALM) before 5.3 SP3 allows remote attackers to write to files, rename files, create directories, or delete directories via crafted packets. | 6.4 |
| 2016-10-13 | CVE-2016-8564 | SQL Injection vulnerability in Siemens Automation License Manager 5.3 SQL injection vulnerability in Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to execute arbitrary SQL commands via crafted traffic to TCP port 4410. | 6.4 |
| 2016-10-13 | CVE-2016-8563 | Improper Input Validation vulnerability in Siemens Automation License Manager 5.3 Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to cause a denial of service (ALM service outage) via crafted packets to TCP port 4410. | 5.0 |
| 2012-12-18 | CVE-2012-4691 | Resource Management Errors vulnerability in Siemens Automation License Manager 4.0/5.0/5.1 Memory leak in Siemens Automation License Manager (ALM) 4.x and 5.x before 5.2 allows remote attackers to cause a denial of service (memory consumption) via crafted packets. | 3.3 |