Vulnerabilities > Siemens > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-02 CVE-2024-38878 Path Traversal vulnerability in Siemens Omnivise T3000 Application Server R9.2
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions).
network
low complexity
siemens CWE-22
6.5
2024-07-09 CVE-2024-39869 Unspecified vulnerability in Siemens Sinema Remote Connect Server
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).
network
low complexity
siemens
6.5
2024-07-09 CVE-2024-39871 Incorrect Authorization vulnerability in Siemens Sinema Remote Connect Server
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).
network
low complexity
siemens CWE-863
5.4
2024-07-09 CVE-2024-39875 Incorrect Permission Assignment for Critical Resource vulnerability in Siemens Sinema Remote Connect Server
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).
network
low complexity
siemens CWE-732
4.3
2024-07-09 CVE-2024-39876 Allocation of Resources Without Limits or Throttling vulnerability in Siemens Sinema Remote Connect Server
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).
local
low complexity
siemens CWE-770
4.0
2024-06-11 CVE-2024-35208 Insufficiently Protected Credentials vulnerability in Siemens Sinec Traffic Analyzer 1.1
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2).
local
low complexity
siemens CWE-522
5.5
2024-06-11 CVE-2024-35211 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in Siemens Sinec Traffic Analyzer 1.1
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2).
network
low complexity
siemens CWE-614
6.5
2024-03-12 CVE-2024-22045 Unspecified vulnerability in Siemens Sinema Remote Connect Client
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.1 SP1).
network
low complexity
siemens
6.5
2024-02-13 CVE-2023-48363 NULL Pointer Dereference vulnerability in Siemens products
A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4).
low complexity
siemens CWE-476
6.5
2024-02-13 CVE-2023-48364 NULL Pointer Dereference vulnerability in Siemens products
A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4).
low complexity
siemens CWE-476
6.5