Vulnerabilities > Siemens > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-03 | CVE-2018-4855 | Missing Encryption of Sensitive Data vulnerability in Siemens Siclock Tc100 Firmware and Siclock Tc400 Firmware A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). | 6.5 |
| 2018-06-26 | CVE-2018-4861 | Information Exposure vulnerability in Siemens Scalance M875 Firmware A vulnerability has been identified in SCALANCE M875 (All versions). | 4.9 |
| 2018-06-26 | CVE-2018-11448 | Cross-site Scripting vulnerability in Siemens Scalance M875 Firmware A vulnerability has been identified in SCALANCE M875 (All versions). | 4.8 |
| 2018-06-14 | CVE-2018-4848 | Cross-site Scripting vulnerability in Siemens products A vulnerability has been identified in SCALANCE X-200 switch family (incl. | 6.1 |
| 2018-06-14 | CVE-2018-4842 | Cross-site Scripting vulnerability in Siemens products A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. | 4.8 |
| 2018-06-04 | CVE-2016-9042 | Improper Input Validation vulnerability in multiple products An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. | 5.9 |
| 2018-05-22 | CVE-2018-3639 | Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. | 5.5 |
| 2018-04-23 | CVE-2018-4847 | Missing Encryption of Sensitive Data vulnerability in Siemens Simatic Wincc OA Operator A vulnerability has been identified in SIMATIC WinCC OA Operator iOS App (All versions < V1.4). | 4.6 |
| 2018-03-20 | CVE-2018-4844 | Improper Privilege Management vulnerability in Siemens Simatic Wincc OA UI A vulnerability has been identified in SIMATIC WinCC OA UI for Android (All versions < V3.15.10), SIMATIC WinCC OA UI for iOS (All versions < V3.15.10). | 6.7 |
| 2018-03-08 | CVE-2018-4839 | Unspecified vulnerability in Siemens products A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3 variant (All versions < V1.05.00), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions), Other SIPROTEC 4 relays (All versions), Other SIPROTEC Compact relays (All versions), SIPROTEC 4 7SD80 (All versions < V4.70), SIPROTEC 4 7SJ61 (All versions < V4.96), SIPROTEC 4 7SJ62 (All versions < V4.96), SIPROTEC 4 7SJ64 (All versions < V4.96), SIPROTEC 4 7SJ66 (All versions < V4.30), SIPROTEC Compact 7SJ80 (All versions < V4.77), SIPROTEC Compact 7SK80 (All versions < V4.77). | 5.3 |