Vulnerabilities > Siemens
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-08 | CVE-2017-9941 | Unspecified vulnerability in Siemens Sipass Integrated A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker in a Man-in-the-Middle position between the SiPass integrated server and SiPass integrated clients to read or modify the network communication. network siemens | 5.8 |
| 2017-08-08 | CVE-2017-9940 | Improper Privilege Management vulnerability in Siemens Sipass Integrated A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with access to a low-privileged user account to read or write files on the file system of the SiPass integrated server over the network. | 5.5 |
| 2017-08-08 | CVE-2017-9939 | Improper Authentication vulnerability in Siemens Sipass Integrated A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with network access to the SiPass integrated server to bypass the authentication mechanism and perform administrative operations. | 7.5 |
| 2017-08-08 | CVE-2017-9938 | Improper Input Validation vulnerability in Siemens Simatic Logon A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause a Denial-of-Service condition. | 5.0 |
| 2017-08-08 | CVE-2017-6873 | Unspecified vulnerability in Siemens Ozw672 Firmware and Ozw772 Firmware A vulnerability was discovered in Siemens OZW672 (all versions) and OZW772 (all versions) that could allow an attacker to read and manipulate data in TLS sessions while performing a man-in-the-middle (MITM) attack on the integrated web server on port 443/tcp. network siemens | 5.8 |
| 2017-08-08 | CVE-2017-6872 | Exposure of Resource to Wrong Sphere vulnerability in Siemens Ozw672 Firmware and Ozw772 Firmware A vulnerability was discovered in Siemens OZW672 (all versions) and OZW772 (all versions) that could allow an attacker with access to port 21/tcp to access or alter historical measurement data stored on the device. | 6.4 |
| 2017-08-08 | CVE-2017-6871 | Improper Authentication vulnerability in Siemens products A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for Android (All versions before V1.0.2.2) and SIMATIC WinCC Sm@rtClient for Android Lite (All versions before V1.0.2.2). | 4.6 |
| 2017-08-08 | CVE-2017-6870 | Unspecified vulnerability in Siemens Simatic Wincc Sm@Rtclient 1.0 A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for Android (All versions before V1.0.2.2). network siemens | 5.8 |
| 2017-08-08 | CVE-2017-6869 | Unspecified vulnerability in Siemens Viewport FOR web Office Portal A vulnerability was discovered in Siemens ViewPort for Web Office Portal before revision number 1453 that could allow an unauthenticated remote user to upload arbitrary code and execute it with the permissions of the operating-system user running the web server by sending specially crafted network packets to port 443/TCP or port 80/TCP. | 10.0 |
| 2017-08-07 | CVE-2017-6866 | Access Bypass vulnerability in Siemens XHQ A vulnerability was discovered in Siemens XHQ server 4 and 5 (4 before V4.7.1.3 and 5 before V5.0.0.2) that could allow an authenticated low-privileged remote user to gain read access to data in the XHQ solution exceeding his configured permission level. | 4.0 |