Vulnerabilities > Siemens > Automation License Manager > 5.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-10 | CVE-2022-43513 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Siemens Automation License Manager A vulnerability has been identified in Automation License Manager V5 (All versions), Automation License Manager V6 (All versions < V6.0 SP9 Upd4), TeleControl Server Basic V3 (All versions < V3.1.2). | 7.5 |
2023-01-10 | CVE-2022-43514 | Path Traversal vulnerability in Siemens Automation License Manager A vulnerability has been identified in Automation License Manager V5 (All versions), Automation License Manager V6 (All versions < V6.0 SP9 Upd4), TeleControl Server Basic V3 (All versions < V3.1.2). | 9.8 |
2021-08-10 | CVE-2021-25659 | Resource Exhaustion vulnerability in Siemens Automation License Manager A vulnerability has been identified in Automation License Manager 5 (All versions), Automation License Manager 6 (All versions < V6.0 SP9 Update 2). | 5.0 |
2020-08-14 | CVE-2020-7583 | Incorrect Authorization vulnerability in Siemens Automation License Manager A vulnerability has been identified in Automation License Manager 5 (All versions), Automation License Manager 6 (All versions < V6.0.8). | 4.6 |
2018-08-07 | CVE-2018-11456 | Unspecified vulnerability in Siemens Automation License Manager A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4). | 5.0 |
2018-08-07 | CVE-2018-11455 | Path Traversal vulnerability in Siemens Automation License Manager A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4), Automation License Manager 6 (All versions < 6.0.1). | 6.8 |
2012-12-18 | CVE-2012-4691 | Resource Management Errors vulnerability in Siemens Automation License Manager 4.0/5.0/5.1 Memory leak in Siemens Automation License Manager (ALM) 4.x and 5.x before 5.2 allows remote attackers to cause a denial of service (memory consumption) via crafted packets. | 3.3 |
2012-01-08 | CVE-2011-4532 | Path Traversal vulnerability in Siemens Automation License Manager 5.1 Absolute path traversal vulnerability in the ALMListView.ALMListCtrl ActiveX control in almaxcx.dll in the graphical user interface in Siemens Automation License Manager (ALM) 2.0 through 5.1+SP1+Upd2 allows remote attackers to overwrite arbitrary files via the Save method. | 5.0 |
2012-01-08 | CVE-2011-4531 | Improper Input Validation vulnerability in Siemens Automation License Manager 5.1 Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted content in a (1) get_target_ocx_param or (2) send_target_ocx_param command. | 5.0 |
2012-01-08 | CVE-2011-4530 | Improper Input Validation vulnerability in Siemens Automation License Manager 5.1 Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 does not properly copy fields obtained from clients, which allows remote attackers to cause a denial of service (exception and daemon crash) via long fields, as demonstrated by fields to the (1) open_session->workstation->NAME or (2) grant->VERSION function. | 5.0 |