Vulnerabilities > Siemens > Spectrum Power 4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-14 | CVE-2022-26476 | Use of Hard-coded Credentials vulnerability in Siemens products A vulnerability has been identified in Spectrum Power 4 (All versions using Shared HIS), Spectrum Power 7 (All versions using Shared HIS), Spectrum Power MGMS (All versions using Shared HIS). | 8.8 |
| 2022-02-09 | CVE-2022-23312 | Cross-site Scripting vulnerability in Siemens Spectrum Power 4 4.70 A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP9 Security Patch 1). | 6.1 |
| 2021-12-14 | CVE-2021-45046 | Expression Language Injection vulnerability in multiple products It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. | 9.0 |
| 2021-12-10 | CVE-2021-44228 | Deserialization of Untrusted Data vulnerability in multiple products Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. network low complexity apache siemens intel debian fedoraproject sonicwall netapp cisco snowsoftware bentley percussion apple CWE-502 critical | 10.0 |
| 2020-09-09 | CVE-2020-15790 | Information Exposure vulnerability in Siemens Spectrum Power 4 4.70 A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP8). | 5.3 |
| 2020-09-09 | CVE-2020-15784 | Cleartext Storage of Sensitive Information vulnerability in Siemens Spectrum Power 4 4.70 A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP8). | 5.3 |
| 2019-07-11 | CVE-2019-10933 | Cross-site Scripting vulnerability in Siemens products A vulnerability has been identified in Spectrum Power 3 (Corporate User Interface) (All versions <= v3.11), Spectrum Power 4 (Corporate User Interface) (Version v4.75), Spectrum Power 5 (Corporate User Interface) (All versions < v5.50), Spectrum Power 7 (Corporate User Interface) (All versions <= v2.20). | 6.1 |
| 2019-04-17 | CVE-2019-6579 | Unspecified vulnerability in Siemens Spectrum Power 4 A vulnerability has been identified in Spectrum Power 4 (with Web Office Portal). | 9.8 |