Vulnerabilities > Siemens > Sinema Server > 14.0

DATE CVE VULNERABILITY TITLE RISK
2023-10-10 CVE-2023-35796 Cross-site Scripting vulnerability in Siemens Sinema Server 14.0
A vulnerability has been identified in SINEMA Server V14 (All versions).
network
low complexity
siemens CWE-79
critical
9.0
2022-03-08 CVE-2022-25311 Improper Privilege Management vulnerability in Siemens Sinec Network Management System and Sinema Server
A vulnerability has been identified in SINEC NMS (All versions >= V1.0.3 < V2.0), SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions).
local
low complexity
siemens CWE-269
7.3
2021-09-16 CVE-2021-34798 NULL Pointer Dereference vulnerability in multiple products
Malformed requests may cause the server to dereference a NULL pointer.
7.5
2021-09-16 CVE-2021-39275 Out-of-bounds Write vulnerability in multiple products
ap_escape_quotes() may write beyond the end of a buffer when given malicious input.
network
low complexity
apache fedoraproject debian netapp oracle siemens CWE-787
critical
9.8
2021-09-16 CVE-2021-40438 Server-Side Request Forgery (SSRF) vulnerability in multiple products
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user.
network
high complexity
apache fedoraproject debian netapp f5 oracle siemens CWE-918
critical
9.0
2021-09-14 CVE-2019-10941 Missing Authentication for Critical Function vulnerability in Siemens Sinema Server 12.0/13.0/14.0
A vulnerability has been identified in SINEMA Server (All versions < V14 SP3).
network
low complexity
siemens CWE-306
5.0
2021-03-25 CVE-2021-3449 NULL Pointer Dereference vulnerability in multiple products
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client.
5.9
2021-02-09 CVE-2020-25237 Path Traversal vulnerability in Siemens Sinec Network Management System and Sinema Server
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1 Update 1), SINEMA Server (All versions < V14.0 SP2 Update 2).
network
low complexity
siemens CWE-22
5.5
2020-01-16 CVE-2019-10940 Improper Privilege Management vulnerability in Siemens Sinema Server 12.0/13.0/14.0
A vulnerability has been identified in SINEMA Server (All versions < V14.0 SP2 Update 1).
network
low complexity
siemens CWE-269
critical
9.0