Vulnerabilities > Siemens
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-10 | CVE-2018-7084 | OS Command Injection vulnerability in multiple products A command injection vulnerability is present that permits an unauthenticated user with access to the Aruba Instant web interface to execute arbitrary system commands within the underlying operating system. | 9.8 |
| 2019-05-10 | CVE-2018-7064 | Cross-site Scripting vulnerability in multiple products A reflected cross-site scripting (XSS) vulnerability is present in an unauthenticated Aruba Instant web interface. | 4.3 |
| 2019-05-10 | CVE-2018-7083 | Information Exposure vulnerability in multiple products If a process running within Aruba Instant crashes, it may leave behind a "core dump", which contains the memory contents of the process at the time it crashed. | 5.0 |
| 2019-05-10 | CVE-2018-7082 | OS Command Injection vulnerability in multiple products A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. | 7.2 |
| 2019-04-17 | CVE-2019-10953 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. | 5.0 |
| 2019-04-17 | CVE-2019-6579 | Unspecified vulnerability in Siemens Spectrum Power 4 A vulnerability has been identified in Spectrum Power 4 (with Web Office Portal). | 7.5 |
| 2019-04-17 | CVE-2019-6575 | Uncaught Exception vulnerability in Siemens products A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. | 7.5 |
| 2019-04-17 | CVE-2019-6570 | Improper Handling of Insufficient Permissions or Privileges vulnerability in Siemens Sinema Remote Connect Server 1.1/2.0 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). | 9.0 |
| 2019-04-17 | CVE-2019-6568 | Out-of-bounds Read vulnerability in Siemens products The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. | 7.5 |
| 2019-04-17 | CVE-2018-16561 | Unspecified vulnerability in Siemens products A vulnerability has been identified in SIMATIC S7-300 CPUs (All versions < V3.X.16). | 7.8 |