Описание
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly neutralize special elements in user input to the ssmctl-client command.
This could allow an authenticated, lowly privileged local attacker to execute privileged commands in the underlying OS.
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly neutralize special elements in user input to the ssmctl-client command.
This could allow an authenticated, lowly privileged local attacker to execute privileged commands in the underlying OS.
Связанные уязвимости
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly neutralize special elements in user input to the ```ssmctl-client``` command. This could allow an authenticated, lowly privileged local attacker to execute privileged commands in the underlying OS.
Уязвимость приложения для мониторинга безопасности сети Siemens SINEC Security Monitor, связанная с непринятием мер по чистке данных на управляющем уровне, позволяющая нарушителю выполнить произвольные команды