Vulnerabilities > Siemens > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-01 | CVE-2021-22890 | Authentication Bypass by Spoofing vulnerability in multiple products curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. | 3.7 |
| 2021-02-16 | CVE-2021-23839 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products OpenSSL 1.0.2 supports SSLv2. | 3.7 |
| 2020-12-14 | CVE-2020-8284 | A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. | 3.7 |
| 2019-09-13 | CVE-2019-13922 | Missing Encryption of Sensitive Data vulnerability in Siemens Sinema Remote Connect Server 2.0 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). | 2.7 |
| 2018-12-12 | CVE-2018-11464 | Unspecified vulnerability in Siemens products A vulnerability has been identified in SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). | 3.7 |
| 2016-10-13 | CVE-2016-7960 | Information Exposure vulnerability in Siemens Simatic Step 7 Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspecified vectors. | 2.5 |
| 2016-07-04 | CVE-2016-5849 | Information Exposure vulnerability in Siemens Sicam Pas/Pqs Siemens SICAM PAS through 8.07 allows local users to obtain sensitive configuration information by leveraging database stoppage. | 2.5 |
| 2016-03-18 | CVE-2016-3155 | Information Exposure vulnerability in Siemens Apogee Insight Siemens APOGEE Insight uses weak permissions for the application folder, which allows local users to obtain sensitive information or modify data via unspecified vectors. | 3.4 |