Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-12-13	CVE-2022-46140	Use of a Broken or Risky Cryptographic Algorithm vulnerability in Siemens products Affected devices use a weak encryption scheme to encrypt the debug zip file. network low complexity siemens CWE-327	6.5
2022-12-13	CVE-2022-46142	Storing Passwords in a Recoverable Format vulnerability in Siemens products Affected devices store the CLI user passwords encrypted in flash memory. low complexity siemens CWE-257	5.7
2022-08-10	CVE-2022-36325	Unspecified vulnerability in Siemens products Affected devices do not properly sanitize data introduced by an user when rendering the web interface. network low complexity siemens	4.8
2022-07-07	CVE-2022-32205	Allocation of Resources Without Limits or Throttling vulnerability in multiple products A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. network low complexity haxx fedoraproject debian netapp apple siemens splunk CWE-770	4.3
2022-07-07	CVE-2022-32206	Allocation of Resources Without Limits or Throttling vulnerability in multiple products curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. network low complexity haxx fedoraproject debian netapp siemens splunk CWE-770	6.5