Vulnerabilities > Siemens > Sinec INS

DATE CVE VULNERABILITY TITLE RISK
2023-12-12 CVE-2023-48427 Improper Certificate Validation vulnerability in Siemens Sinec INS 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2).
network
low complexity
siemens CWE-295
critical
 9.8
9.8
2023-12-12 CVE-2023-48428 OS Command Injection vulnerability in Siemens Sinec INS 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2).
network
low complexity
siemens CWE-78
7.2
7.2
2023-12-12 CVE-2023-48429 Improper Check for Unusual or Exceptional Conditions vulnerability in Siemens Sinec INS 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2).
network
low complexity
siemens CWE-754
2.7
2.7
2023-12-12 CVE-2023-48430 Unspecified vulnerability in Siemens Sinec INS 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2).
network
low complexity
siemens
2.7
2.7
2023-12-12 CVE-2023-48431 Improper Check for Unusual or Exceptional Conditions vulnerability in Siemens Sinec INS 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2).
network
low complexity
siemens CWE-754
8.6
8.6
2023-01-10 CVE-2022-45092 Path Traversal vulnerability in Siemens Sinec INS 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1).
network
low complexity
siemens CWE-22
8.8
8.8
2023-01-10 CVE-2022-45093 Path Traversal vulnerability in Siemens Sinec INS 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1).
network
low complexity
siemens CWE-22
8.8
8.8
2023-01-10 CVE-2022-45094 Command Injection vulnerability in Siemens Sinec INS 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1).
network
low complexity
siemens CWE-77
8.8
8.8
2022-12-05 CVE-2022-35255 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in multiple products
A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc.
network
low complexity
nodejs siemens debian CWE-338
critical
 9.1
9.1
2022-12-05 CVE-2022-35256 HTTP Request Smuggling vulnerability in multiple products
The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF.
network
low complexity
nodejs llhttp siemens debian CWE-444
6.5
6.5